PT-2009-3882 · Dawningsoft · Dawningsoft Powerchm
Sub-Zero
·
Publicado
2009-04-21
·
Atualizado
2017-09-29
·
CVE-2009-1352
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Dawningsoft PowerCHM version 5.7
Description
The issue is a stack-based buffer overflow that can be triggered by a remote attacker using an HTML file with a link to a long URL, potentially causing a denial of service (application crash) and possibly allowing the execution of arbitrary code. This can be demonstrated with a .rar URL.
Recommendations
For Dawningsoft PowerCHM version 5.7, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Dawningsoft Powerchm