vendor:
CloudMe Sync
by:
Prasenjit Kanti Paul
7.8
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: CloudMe Sync
Affected Version From: 1.11.0
Affected Version To: 1.11.2
Patch Exists: YES
Related CWE: CVE-2018-7886
CPE: a:cloudme:cloudme_sync:1.11.0
Metasploit:
N/A
Other Scripts:
N/A
Platforms Tested: Windows 7 SP1 x86
2018
Local Buffer Overflow on CloudMe Sync v1.11.0
A local buffer overflow vulnerability exists in CloudMe Sync v1.11.0 due to improper bounds checking of user-supplied data. An attacker can exploit this vulnerability by sending a specially crafted request to the vulnerable application. This can result in arbitrary code execution in the context of the application.
Mitigation:
Update CloudMe Sync to 1.11.2