CVE-2021-47877
Denial of Service via Buffer Overflow in GeoGebra
Publication date: 2026-01-21
Last updated on: 2026-01-21
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| geogebra | graphing_calculator | 6.0.631.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-770 | The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2021-47877 is a denial of service vulnerability in GeoGebra Graphing Calculator version 6.0.631.0. It occurs when an attacker inputs an oversized buffer, specifically a payload of 8,000 repeated characters, into the application's input field. This overwhelms the input handling, causing the application to become unresponsive and crash. [1, 2]
How can this vulnerability impact me?
This vulnerability can cause the GeoGebra Graphing Calculator application to crash and become unresponsive, resulting in a denial of service. This means legitimate users will be unable to use the application until it is restarted, potentially disrupting work or study that relies on the software. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to reproduce the denial of service condition locally on the system running GeoGebra Graphing Calculator 6.0.631.0. A proof-of-concept involves generating a payload of 8000 repeated characters (e.g., 'A') and inputting it into the application's input field labeled 'Entrada...'. There are no specific network detection commands since the attack vector is local. A sample method is to use a Python script to create a file with 8000 'A's and then paste its content into the application to see if it crashes. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding inputting oversized buffers (such as 8000 repeated characters) into the GeoGebra Graphing Calculator input fields. Since the vulnerability requires local user interaction, restricting access to the application and educating users not to input large repetitive data can help. Additionally, monitoring for updates or patches from GeoGebra and applying them once available is recommended. [1, 2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability causes a denial of service by crashing the GeoGebra Graphing Calculator application through an oversized input buffer. Its only impact is on availability (the denial of service itself); it does not affect confidentiality or integrity. There is no information indicating that this vulnerability directly affects compliance with common standards and regulations such as GDPR or HIPAA. [1]