PT-2024-15807 · Nsasoft · Nsasoft Product Key Explorer
Fernando.Mengali
·
Published
2024-01-21
·
Updated
2024-05-17
·
CVE-2024-0771
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Nsasoft Product Key Explorer version 4.0.9
Description
A vulnerability has been found in the component Registration Handler of Nsasoft Product Key Explorer. The manipulation of the argument
Name/Key leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.Recommendations
For Nsasoft Product Key Explorer version 4.0.9, consider disabling the
Registration Handler component until a patch is available to prevent memory corruption. Restrict access to the Name/Key argument to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Memory Corruption
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Nsasoft Product Key Explorer