PT-2009-3882 · Dawningsoft · Dawningsoft Powerchm
Sub-Zero
·
Published
2009-04-21
·
Updated
2017-09-29
·
CVE-2009-1352
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Dawningsoft PowerCHM version 5.7
Description
The issue is a stack-based buffer overflow that can be triggered by a remote attacker using an HTML file with a link to a long URL, potentially causing a denial of service (application crash) and possibly allowing the execution of arbitrary code. This can be demonstrated with a .rar URL.
Recommendations
For Dawningsoft PowerCHM version 5.7, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dawningsoft Powerchm