vendor:
Total Commander
by:
VIKRAMADITYA "-OPTIMUS"
7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Total Commander
Affected Version From: Total Commander 8.52
Affected Version To: Total Commander 8.52
Patch Exists: NO
Related CWE:
CPE: a:ghisler:total_commander:8.52
Platforms Tested: Windows 10
2015
Total Commander 8.52 Buffer Overflow
This exploit allows an attacker to create a buffer overflow in Total Commander 8.52. By executing a specially crafted python script, the attacker can create a file that triggers the buffer overflow when certain actions are performed in Total Commander. This can lead to remote code execution or denial of service.
Mitigation:
Update Total Commander to the latest version to fix the buffer overflow vulnerability. Avoid executing scripts or opening files from untrusted sources.