tdm-gccgcc-4.8.1-tdm-2-c++: 1 vulnerabilities (highest severity is: 7.8) - autoclosed

[mend-for-github-com[bot]]

Vulnerable Library - tdm-gccgcc-4.8.1-tdm-2-c++

GCC for 32-bit and 64-bit Windows with a real installer & updater

Library home page: https://sourceforge.net/projects/tdm-gcc/

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Vulnerable Source Files (1)

Vulnerabilities

CVE	Severity	CVSS	Dependency	Type	Fixed in (tdm-gccgcc version)	Remediation Available
CVE-2002-2439	High	7.8	tdm-gccgcc-4.8.1-tdm-2-c++	Direct	gcc-4.8.0	❌

Details

CVE-2002-2439

### Vulnerable Library - tdm-gccgcc-4.8.1-tdm-2-c++

GCC for 32-bit and 64-bit Windows with a real installer & updater

Library home page: https://sourceforge.net/projects/tdm-gcc/

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

### Vulnerability Details

Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts.

Publish Date: 2019-10-23

URL: CVE-2002-2439

### CVSS 3 Score Details (7.8)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2439

Release Date: 2019-10-23

Fix Resolution: gcc-4.8.0

[mend-for-github-com[bot]]

:information_source: This issue was automatically closed by Mend because it is a duplicate of an existing issue: #57

[mend-for-github-com[bot]]

:information_source: This issue was automatically closed by Mend because it is a duplicate of an existing issue: #57