CVE-2022-1211
MEDIUMtildearrow Furnace dev73 - Stack-based Buffer Overflow in FUR to VGM Converter
Title source: llmDescription
A vulnerability classified as critical has been found in tildearrow Furnace dev73. This affects the FUR to VGM converter in console mode which causes stack-based overflows and crashes. It is possible to initiate the attack remotely but it requires user-interaction. A POC has been disclosed to the public and may be used.
References (3)
Core 3
Core References
Exploit, Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://github.com/tildearrow/furnace/issues/325
Third Party Advisory x_refsource_misc
https://drive.google.com/file/d/1h111beVcWG8F99jRffO7_HKYEhm7Qgvb/view?usp=sharing
Permissions Required, Third Party Advisory x_refsource_misc
https://vuldb.com/?id.196371
Scores
CVSS v3
6.3
EPSS
0.0089
EPSS Percentile
54.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-121
CWE-787
Status
published
Products (1)
tildearrow/furnace
dev73
Published
Apr 03, 2022
Tracked Since
Feb 18, 2026