PT-2010-4021 · Subtitle Translation Wizard · Subtitle Translation Wizard

Published

2010-06-24

Updated

2010-06-25

CVE-2010-2440

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Subtitle Translation Wizard version 3.0

Description A stack-based buffer overflow issue exists, allowing user-assisted remote attackers to execute arbitrary code. This is achieved via a crafted SRT file containing a long line after a time range.

Recommendations For Subtitle Translation Wizard version 3.0, consider avoiding the use of crafted SRT files until a patch is available. As a temporary workaround, restrict the processing of SRT files with long lines after time ranges to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2010-2440

Affected Products

Subtitle Translation Wizard

PT-2010-4021 · Subtitle Translation Wizard · Subtitle Translation Wizard

CVE-2010-2440

Weakness Enumeration

Related Identifiers

Affected Products

References · 6