{"id":"CVE-2010-2947","details":"Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a string that is inconsistent with the expected number of fields.","modified":"2026-04-10T03:41:22.357388Z","published":"2010-08-24T20:00:00Z","related":["openSUSE-SU-2024:10005-1"],"references":[{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:165"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2010/2232"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=625866"},{"type":"WEB","url":"http://libhx.git.sourceforge.net/git/gitweb.cgi?p=libhx/libhx%3Ba=commit%3Bh=904a46f90dd3f046bfac0b64a5e813d7cd4fca59"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2010/08/20/12"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2010/08/20/5"},{"type":"WEB","url":"http://www.securityfocus.com/bid/42592"}],"schema_version":"1.7.5"}