Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
PC SOFT WinDEV Stack-based Buffer Overflow Vulnerability - exploit.company
header-logo
Suggest Exploit
vendor:
WinDEV
by:
Unknown
7.5
CVSS
HIGH
Stack-based Buffer Overflow
119
CWE
Product Name: WinDEV
Affected Version From: PC SOFT WinDEV 11
Affected Version To: Unknown (other versions and related products may also be affected)
Patch Exists: NO
Related CWE: Unknown
CPE: a:pc_soft:windev
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

PC SOFT WinDEV Stack-based Buffer Overflow Vulnerability

PC SOFT WinDEV is prone to a stack-based buffer-overflow vulnerability when it attempts to process malformed project files. This issue occurs because the application fails to perform proper bounds-checking on user-supplied data before copying it to an insufficiently sized memory buffer. An attacker may exploit this issue to execute arbitrary code with the privileges of the user running the vulnerable application or to cause denial-of-service conditions. This may facilitate unauthorized access or privilege escalation.

Mitigation:

No specific mitigation or remediation steps provided
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/24693/info

PC SOFT WinDEV is prone to a stack-based buffer-overflow vulnerability when it attempts to process malformed project files. This issue occurs because the application fails to perform proper bounds-checking on user-supplied data before copying it to an insufficiently sized memory buffer.

An attacker may exploit this issue to execute arbitrary code with the privileges of the user running the vulnerable application or to cause denial-of-service conditions. This may facilitate unauthorized access or privilege escalation.

PC SOFT WinDEV 11 is reported vulnerable; other versions and related products (WinDEV Express, Mobile, and WebDEV) may also be affected. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/30255.zip

Navigation

Suggest Exploit

Services By CQR