vendor:
DiskBoss
by:
Paras Bhatia
N/A
CVSS
HIGH
Local Buffer Overflow
Buffer Overflow
CWE
Product Name: DiskBoss
Affected Version From: 7.7.14
Affected Version To: 7.7.14
Patch Exists: NO
Related CWE:
CPE: a:diskboss:diskboss:7.7.14
Platforms Tested: Windows 7 Ultimate Service Pack 1 (32 bit - English)
2020
DiskBoss 7.7.14 – ‘Input Directory’ Local Buffer Overflow (PoC)
The exploit allows an attacker to trigger a local buffer overflow vulnerability in DiskBoss version 7.7.14. By providing a specially crafted input directory, an attacker can execute arbitrary code on the target system. The vulnerability has been tested on Windows 7 Ultimate Service Pack 1 (32 bit - English).
Mitigation:
To mitigate this vulnerability, it is recommended to update to a patched version of DiskBoss.