PT-2010-4021 · Subtitle Translation Wizard · Subtitle Translation Wizard

Publicado

2010-06-24

Atualizado

2010-06-25

CVE-2010-2440

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Subtitle Translation Wizard version 3.0

Description A stack-based buffer overflow issue exists, allowing user-assisted remote attackers to execute arbitrary code. This is achieved via a crafted SRT file containing a long line after a time range.

Recommendations For Subtitle Translation Wizard version 3.0, consider avoiding the use of crafted SRT files until a patch is available. As a temporary workaround, restrict the processing of SRT files with long lines after time ranges to minimize the risk of exploitation.

Exploit

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2010-2440

Produtos afetados

Subtitle Translation Wizard

PT-2010-4021 · Subtitle Translation Wizard · Subtitle Translation Wizard

CVE-2010-2440

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6