Heap-based buffer overflow in the yygetnextbuffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving numto_read.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "flex-doc": "2.5.35-10.1ubuntu2", "flex": "2.5.35-10.1ubuntu2", "libfl-dev": "2.5.35-10.1ubuntu2" } ] }
{ "ubuntu_priority": "low" }