An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). A lack of input validation in calls to doverify in srunix/do_verify.c allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer.
{ "urgency": "not yet assigned" }