CVE-2021-21783 in Genivia and Oracle Products
Published on March 25, 2021
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.
Weakness Type
Integer Overflow to Buffer Overflow
The product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow.
Products Associated with CVE-2021-21783
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-21783 are published in these products:
Exploit Probability
EPSS
2.06%
Percentile
83.61%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.