Skip to main content

Incorrect Calculation


Severity High
Score 7.5/10


An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, an attacker can cause a size variable, stored as an signed int, to equal an extremely large value, which is interpreted as a negative value during a check. This value is then used in a memcpy call on the stack, causing a memory segmentation fault.

  • LOW
  • NONE
  • NONE
  • NONE
  • NONE
  • HIGH

CWE-682 - Incorrect Calculation

The software performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.


Advisory Timeline

  • Published