GNU Barcode Buffer Overflow Vulnerability in Code 93 Encoding

Vulnerability

A buffer overflow has been identified in GNU Barcode version 0.99 in the Code 93 encoder. A specially crafted input file triggers a boundary error while the input is processed, so the encoder writes past the end of a fixed-size global buffer and corrupts memory. Successful exploitation could lead to execution of arbitrary code on the affected system.

Impact

Exploitation causes a global buffer overflow: a write past the end of a statically allocated buffer that corrupts whatever global data is laid out after it. Depending on what is overwritten (state read later by the program, or pointers it dereferences), the corruption could be leveraged to execute arbitrary code.

Reproduction

To reproduce, build GNU Barcode 0.99 with AddressSanitizer enabled (for example CFLAGS="-g -fsanitize=address" ./configure && make), then feed the crafted file through the command-line tool with Code 93 selected as the encoding, e.g. ./barcode -i crafted.txt -e 93 -o out.ps (check the barcode man page for the exact encoding name accepted by -e). AddressSanitizer reports a global-buffer-overflow on the offending write, naming the global and giving the stack trace. Without the sanitizer the overflow may only corrupt adjacent globals silently, so the absence of a crash does not mean the input is harmless.
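The C program below is an added example, not code from GNU Barcode or from this advisory. It models the bug class described above: a Code 93 encoder that bounds the number of input characters but writes one or two 9-module symbols per character into a fixed-size global buffer, placed next to a hardened encoder that derives the output size from the symbols it will actually emit and rejects input that does not fit. The buffer name, its size, the 32-character limit and the shift-symbol expansion for non-base ASCII are assumptions made for the demonstration; the page does not say where the real overflow sits in GNU Barcode 0.99.

```c
#include <stdio.h>
#include <string.h>

#define MODULES_PER_SYMBOL 9    /* every Code 93 symbol is 9 modules wide */
#define OVERHEAD_SYMBOLS   4    /* start, check C, check K, stop */
#define MAX_CHARS          32   /* hypothetical input limit the buggy encoder enforces */

/* Hypothetical global output buffer, sized as if every input character
 * produced exactly one symbol. That assumption is the boundary error. */
static char pattern[(MAX_CHARS + OVERHEAD_SYMBOLS) * MODULES_PER_SYMBOL + 1];

/* The 43 characters Code 93 encodes with a single symbol. */
static const char BASE93[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ-. $/+%";

/* Symbols one input byte produces: 1 for the base set, 2 for any other
 * ASCII byte (shift symbol + base symbol), 0 if it cannot be encoded. */
int symbols_for_char(unsigned char c)
{
    if (c != '\0' && strchr(BASE93, c) != NULL)
        return 1;
    return c < 0x80 ? 2 : 0;
}

/* Total symbols including overhead, or -1 if a byte is not encodable. */
long symbols_needed(const char *text)
{
    long total = OVERHEAD_SYMBOLS;
    for (const unsigned char *p = (const unsigned char *)text; *p; p++) {
        int k = symbols_for_char(*p);
        if (k == 0)
            return -1;
        total += k;
    }
    return total;
}

/* Stand-in for the real bar/space table: fills one symbol's 9 modules. */
static void put_symbol(char *out, size_t pos)
{
    memset(out + pos, ((pos / MODULES_PER_SYMBOL) & 1) ? '1' : '0', MODULES_PER_SYMBOL);
}

/* Emits start, data (one or two symbols per byte), check C, check K, stop.
 * Does no bounds checking: the caller must have verified that out holds
 * symbols_needed(text) * MODULES_PER_SYMBOL + 1 bytes. */
static size_t write_modules(const char *text, char *out)
{
    size_t pos = 0;
    put_symbol(out, pos);
    pos += MODULES_PER_SYMBOL;
    for (const unsigned char *p = (const unsigned char *)text; *p; p++) {
        int k = symbols_for_char(*p);
        for (int j = 0; j < k; j++) {
            put_symbol(out, pos);
            pos += MODULES_PER_SYMBOL;
        }
    }
    for (int j = 0; j < OVERHEAD_SYMBOLS - 1; j++) {
        put_symbol(out, pos);
        pos += MODULES_PER_SYMBOL;
    }
    out[pos] = '\0';
    return pos;
}

/* Vulnerable: bounds the number of characters, then writes one or two
 * symbols per character into the global. Twenty lowercase letters pass
 * the check (20 <= 32) but need 44 symbols, and pattern[] holds 36.
 * Under -fsanitize=address this is reported as a global-buffer-overflow
 * on pattern. Returns modules written, or -1 if rejected. */
long encode93_unsafe(const char *text)
{
    if (strlen(text) > MAX_CHARS)
        return -1;
    return (long)write_modules(text, pattern);
}

/* Hardened: size the output from what will actually be emitted, reject
 * unencodable bytes and undersized buffers before the first write. */
long encode93_safe(const char *text, char *out, size_t out_cap)
{
    long syms = symbols_needed(text);
    if (syms < 0 || out_cap == 0)
        return -1;
    /* syms * 9 + 1 <= out_cap, arranged so the left side cannot overflow */
    if ((size_t)syms > (out_cap - 1) / MODULES_PER_SYMBOL)
        return -1;
    return (long)write_modules(text, out);
}

int main(int argc, char **argv)
{
    char crafted[21];                   /* constructed input: 20 lowercase letters */
    char buf[400];
    memset(crafted, 'a', 20);
    crafted[20] = '\0';
    printf("CODE93: %ld modules\n", encode93_unsafe("CODE93"));
    printf("crafted: %ld symbols needed, global holds %zu\n",
           symbols_needed(crafted), (sizeof pattern - 1) / MODULES_PER_SYMBOL);
    printf("safe, 325-byte buffer: %ld\n", encode93_safe(crafted, buf, 325));
    printf("safe, 400-byte buffer: %ld\n", encode93_safe(crafted, buf, sizeof buf));
    if (argc > 1 && strcmp(argv[1], "--overflow") == 0)
        printf("unsafe: %ld\n", encode93_unsafe(crafted));   /* overruns pattern[] */
    return 0;
}
```

Build with cc -g -fsanitize=address example.c and run ./a.out --overflow to see AddressSanitizer report a global-buffer-overflow on pattern; without the flag the program only prints the arithmetic. The fix pattern is the one to apply in a real encoder: compute the output size from what the encoder will actually emit, check it against the destination before the first write, and return an error rather than truncating or overrunning.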

Added: Dec 24, 2025, 8:38 PM
Updated: Dec 24, 2025, 8:38 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 6.0
remediation: 0.0
relevance: 1.7
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.