Buffer Overflow Vulnerability in Explorer++

Posted date 17/01/2024
Identificador
INCIBE-2024-0024
Importance
4 - High
Affected Resources
  • Explorer++.exe, 1.3.5.531 version.
Description

INCIBE has coordinated the publication of a high severity vulnerability affecting Explorer++.exe, 1.3.5.531 version, a lightweight and fast file manager for Windows, which has been discovered by Rafael Pedrero.

This vulnerability have been assigned the following code, CVSS v3.1 base score, CVSS vector and the CWE vulnerability type of each vulnerability:

  • CVE-2024-0645: 7.3 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | CWE-119 

Solution

There is no reported solution at this time.

Detail
  • CVE-2024-0645: buffer overflow vulnerability in Explorer++ affecting version 1.3.5.531. A local attacker could execute arbitrary code via a long filename argument by monitoring Structured Exception Handler (SEH) records.
References list
Etiquetas