Buffer overflow in Immunity Debugger
Posted date 17/03/2025
Identificador
INCIBE-2025-0142
Importance
3 - Medium
Affected Resources
Immunity Debugger, 1.85 version.
Description
INCIBE has coordinated the publication of a medium severity vulnerability affecting Immunity Debugger, a tool designed to analyze binaries, find vulnerabilities and understand software behaviour, which was discovered by Rafael Pedrero.
This vulnerability has been assigned the following code, CVSS v4.0 base score, CVSS vector and vulnerability type CWE:
- CVE-2025-2401: CVSS v4.0: 5.4 | CVSS AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N | CWE-119
Solution
Immunity Debugger is no longer supported and is not available for download.
Detail
CVE-2025-2401: buffer overflow vulnerability in Immunity Debugger affecting version 1.85, its exploitation could allow a local attacker to execute arbitrary code, due to the lack of proper boundary checking.
Etiquetas