PT-2018-6596 · Handy Password · Handy Password
Published
2018-01-10
·
Updated
2018-02-02
·
CVE-2017-17946
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Handy Password version 4.9.3
Description:
A buffer overflow issue allows remote attackers to execute arbitrary code via a long
Title name field in mail box data that is mishandled in an Open from mail box action.Recommendations:
For Handy Password version 4.9.3, consider avoiding the use of long
Title name fields in mail box data until a patch is available. As a temporary workaround, restrict the handling of Open from mail box actions to minimize the risk of exploitation.Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Handy Password