Buffer Overflow vulnerability in Frhed
Posted date 27/11/2023
Identificador
INCIBE-2023-0521
Importance
4 - High
Affected Resources
- Frhed 1.6.0 version.
Description
INCIBE has coordinated the publication of one vulnerabilitiy that affects Frhed, a binary file editor for Windows, which has been discovered by Rafael Pedrero.
This vulnerabilitiy has been assigned the following code, CVSS v3.1 base score, CVSS vector string, and CWE vulnerability type:
- CVE-2023-4590: CVSS v3.1: 7.3 | CVSS: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | CWE-120.
Solution
There is no reported solution at this time.
Detail
- CVE-2023-4590: buffer overflow vulnerability in Frhed hex editor, affecting version 1.6.0. This vulnerability could allow an attacker to execute arbitrary code via a long filename argument through the Structured Exception Handler (SEH) registers.
References list
Etiquetas