PT-2019-12852 · Sweetscape · 010 Editor
Publicado
2019-06-05
·
Atualizado
2020-08-24
·
CVE-2019-12554
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
SweetScape 010 Editor version 9.0.1
Description
The issue arises from improper validation of arguments in the internal implementation of the
WSubStr function, which is provided by the scripting engine. This allows an attacker to cause a denial of service by crashing the application.Recommendations
For SweetScape 010 Editor version 9.0.1, consider disabling the
WSubStr function as a temporary workaround until a patch is available.Exploit
Correção
Out of bounds Read
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
010 Editor