BF Specification of CVE-2023-3765

Erroneous validation in validate_path_is_safe() (it does not check for absolute paths written with '/', e.g. C:/ or C:/temp/poc.txt) leads to file injection -- absolute path traversal. If exploited, this can lead to information exposure, data tampering, or denial of service -- loss of confidentiality, integrity, and availability, respectively.
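The defect class described above, as an added example that is not the project's code: `flawed_check` is a constructed stand-in that misses drive-letter paths written with '/', and `hardened_check` is one way to close that gap. Both function names, the `UnsafePath` exception and the sample paths are assumptions made for illustration.

```python
import ntpath


class UnsafePath(ValueError):
    """Raised when a user-supplied path must be rejected."""


def flawed_check(path: str) -> str:
    # Constructed stand-in for the bug: knows "..", a leading "/" and
    # backslashes, but not a drive letter followed by "/".
    if ".." in path.split("/") or path.startswith("/") or "\\" in path:
        raise UnsafePath(path)
    return path


def hardened_check(path: str) -> str:
    # Apply Windows and POSIX rules regardless of the host OS:
    # any drive/UNC prefix, any root, any ".." component is rejected.
    unified = path.replace("\\", "/")
    drive, _ = ntpath.splitdrive(path)  # "C:/x" -> ("C:", "/x")
    if drive or unified.startswith("/") or ".." in unified.split("/"):
        raise UnsafePath(path)
    return path


def accepts(check, path: str) -> bool:
    try:
        check(path)
        return True
    except UnsafePath:
        return False


# Constructed sample inputs; the two "C:/" forms are the ones named above.
SAMPLES = ["artifacts/model.pkl", "../secret", "/etc/passwd",
           "C:\\temp\\poc.txt", "C:/", "C:/temp/poc.txt"]


def compare() -> dict:
    # path -> (accepted by flawed check, accepted by hardened check)
    return {p: (accepts(flawed_check, p), accepts(hardened_check, p))
            for p in SAMPLES}


if __name__ == "__main__":
    for p, (flawed, hardened) in compare().items():
        print(f"{p!r:24} flawed={flawed!s:5} hardened={hardened}")
```

A format check like this is a first filter only; the accepted path should still be resolved against the intended base directory and confirmed to stay inside it.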



Bug Report | Code with Bug | Code with Fix | NVD Entry
DVL | Data are validated (syntax check) or sanitized (escape, filter, repair) improperly.
Validate | Check data syntax (proper form/grammar) in order to accept (and possibly sanitize) or reject it (incl. check for missing symbols/elements).
Code Defect Bug | The operation has a bug, which is the first cause for the chain of weaknesses underlying a software security vulnerability. The bug must be fixed to resolve the vulnerability.
   Erroneous Code | The operation implementation has a bug.
Injection Final Error | An exploitable or undefined system behavior caused by 'code separation' data validation bugs.
   File Injection | Maliciously inserted data (e.g., with .. and / or with file entries) into an input used to access/modify files or as a file content.
Operation Attribute | Definition
Mechanism | Shows how the buggy/faulty operation code is performed.
   Format | A policy based on syntax format (e.g., defined via regular expression).
Source Code | Shows where the buggy/faulty operation code is in the program -- in what kind of software.
   Codebase | The operation is in the programmer's code - in the application itself.
Execution Space | Shows where the buggy/faulty operation code is running or with what privilege level.
   Local | The bugged code runs in an environment with access control policy with limited (local user) permission.
Operand Attribute | Definition
Data State | Shows where the data come from.
   Transferred | The data are from another device via a network (e.g., connecting analog device or another computer).