vendor:
GoldWave
by:
bzyo
7.8
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: GoldWave
Affected Version From: 5.70
Affected Version To: 5.70
Patch Exists: YES
Related CWE: N/A
CPE: a:goldwave:goldwave
Metasploit:
N/A
Other Scripts:
N/A
Platforms Tested: Windows 7 SP1 x86
2018
GoldWave 5.70 – Local Buffer Overflow (SEH Unicode)
GoldWave 5.70 is vulnerable to a local buffer overflow vulnerability when a maliciously crafted file is opened. This can be exploited to execute arbitrary code by corrupting the SEH chain and overwriting the return address with a pointer to the shellcode.
Mitigation:
Upgrade to the latest version of GoldWave 5.70 or later.
