vendor:
SuperMailer
by:
Rafael Pedrero
N/A
CVSS
MEDIUM
Buffer overflow DoS
20
CWE
Product Name: SuperMailer
Affected Version From: v11.20
Affected Version To: v11.20
Patch Exists: YES
Related CWE:
CPE: a:supermailer:supermailer:11.20
Platforms Tested: Windows 7, 10
2021
SuperMailer v11.20 – Buffer overflow DoS
A vulnerability in Newsletter Software SuperMailer v11.20 could allow an attacker to cause a process crash resulting in a Denial of Service (DoS) condition for the application on an affected system. The vulnerability exists due to insufficient validation of certain elements with a configuration file malformed. An attacker could exploit this vulnerability by sending a user a malicious SMB (configuration file) file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to cause the application to crash when trying to load the malicious file.
Mitigation:
Update to the latest version of SuperMailer to fix the buffer overflow vulnerability.