CNNVD-202602-1288 Information
CNNVD ID
CNNVD-202602-1288
Related CVE
- CNNVD Published: 2026-02-09
Description (Chinese)
CCExtractor是CCExtractor Development开源的一个解压软件。 CCExtractor 183及之前版本存在缓冲区错误漏洞,该漏洞源于函数parse_PAT/parse_PMT存在越界读取,可能导致信息泄露。
Description (English)
CCExtractor is a pressure relief software from the CCExtractor Development Open Source. CCExtractor 183 and previous versions had an error loophole in the buffer zone, which stemmed from the cross-border reading of the function Parse PAT/parse PMT, which could lead to the disclosure of information.
Hazard Level
Critical
Vulnerability Type
缓冲区错误
Affected Vendor
CCExtractor Development
Published
2026-02-09
Last Modified
2026-02-24
References
https://github.com/CCExtractor/ccextractor/pull/2057 https://github.com/CCExtractor/ccextractor/commit/fd7271bae238ccb3ae8a71304ea64f0886324925 https://vuldb.com/?ctiid.344991 https://vuldb.com/?submit.753160 https://github.com/oneafter/0123/blob/main/cc1/repro https://vuldb.com/?id.344991 https://github.com/CCExtractor/ccextractor/issues/2053 https://vuldb.com/?submit.753159 https://access.redhat.com/security/cve/cve-2026-2245
Patch
https://github.com/CCExtractor/ccextractor/releases
Share on: