vendor:
MixPad
by:
bzyo
9.3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: MixPad
Affected Version From: v5.00
Affected Version To: v5.00
Patch Exists: YES
Related CWE: N/A
CPE: a:nch_software:mixpad
Metasploit:
N/A
Other Scripts:
N/A
Platforms Tested: Windows XP
2017
NCH Software MixPad v5.00 – Unicode Buffer Overflow
NCH Software MixPad is vulnerable to a buffer overflow vulnerability when a specially crafted file is opened. This can be exploited to execute arbitrary code by corrupting memory. The vulnerability is caused due to a boundary error when processing a specially crafted file. This can be exploited to cause a stack-based buffer overflow by writing past the end of an allocated fixed-length buffer.
Mitigation:
Upgrade to the latest version of NCH Software MixPad.