vendor:
Flash Slideshow Maker Professional
by:
Shubham Singh
N/A
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Flash Slideshow Maker Professional
Affected Version From: 5.20
Affected Version To: 5.20
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Windows XP Service Pack 3 x86
2018
Flash Slideshow Maker Professional 5.20 – Buffer Overflow (SEH)
The exploit script creates a new file named 'exploit.txt' which is then copied into the 'Name' and 'Code' fields in the program. This triggers a buffer overflow vulnerability, resulting in a reverse shell being opened in the attacker's machine.
Mitigation:
Apply the latest patch or update to the software to fix the buffer overflow vulnerability. Avoid running the program with untrusted input.