Stack-Based Buffer Overflow in Microchip MPLAB IDE
CVE-2009-1674

Currently unrated

Key Information:

Vendor: Microchip

Status
Vendor
CVE Published: 18 May 2009

Badges

👾 Exploit Exists | 🟡 Public PoC | 🟣 EPSS 17%

What is CVE-2009-1674?

A stack-based buffer overflow vulnerability exists in Microchip MPLAB IDE 8.30 that could be exploited by remote attackers. The issue is triggered when a long .cof pathname in the [TOOL_SETTINGS] section of a .mcp project file is processed, potentially allowing attackers to execute arbitrary code on the target system. This vulnerability may be related to similar issues identified in other advisories, underscoring the importance of maintaining security best practices and applying relevant security patches.
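The following triage check is an added example, not code from the original page or from Microchip. It flags overlong or control-character-laden entries in the `[TOOL_SETTINGS]` section of a `.mcp` file before the project is opened in the IDE. It assumes INI-style `[SECTION]` headers with `key=value` lines. The 260-character threshold (Windows MAX_PATH) is a triage assumption because the page gives no buffer size, and `scan_mcp`, `scan_file` and the sample keys are hypothetical names.

```python
import re

# Assumption: 260 (classic Windows MAX_PATH) is a triage threshold only;
# the page does not state the size of the overflowed buffer.
MAX_VALUE_LEN = 260
SECTION_RE = re.compile(r"^\s*\[([^\]]+)\]\s*$")

def scan_mcp(text, max_len=MAX_VALUE_LEN, section_name="TOOL_SETTINGS"):
    """Return (line_no, key, value_len, reason) for suspicious entries.

    Parsed line by line instead of with configparser, so duplicate keys or
    malformed lines in a hostile file cannot abort the scan.
    """
    findings, section = [], None
    # Split on "\n" only: str.splitlines() also breaks on bytes such as 0x85,
    # which would let a long value be chopped into short pieces.
    for line_no, raw in enumerate(text.split("\n"), start=1):
        header = SECTION_RE.match(raw)
        if header:
            section = header.group(1).strip().upper()
            continue
        if section != section_name or not raw.strip():
            continue
        # Assumption: entries are INI-style "key=value"; a line without "="
        # is treated as a bare value.
        key, sep, value = raw.partition("=")
        if not sep:
            key, value = "", raw
        key, value = key.strip(), value.strip()
        if len(value) > max_len:
            kind = ".cof pathname" if ".cof" in value.lower() else "value"
            findings.append((line_no, key, len(value), "overlong " + kind))
        elif any(ord(ch) < 0x20 and ch != "\t" for ch in value):
            findings.append((line_no, key, len(value), "control characters"))
    return findings

def scan_file(path):
    """Scan a file from disk; latin-1 maps every byte, so decoding never fails."""
    with open(path, "rb") as fh:
        return scan_mcp(fh.read().decode("latin-1"))

# Constructed samples (hypothetical keys, not taken from a real project file).
BENIGN = "[HEADER]\nname=demo\n[TOOL_SETTINGS]\nexample_key=C:\\proj\\out\\demo.cof\n"
SUSPECT = "[HEADER]\nname=demo\n[TOOL_SETTINGS]\nexample_key=C:\\" + "A" * 600 + ".cof\n"

if __name__ == "__main__":
    for label, sample in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(label, scan_mcp(sample))
```

A finding means the file should be quarantined and inspected in a text editor, not opened in the IDE; an empty result is not proof that the file is safe.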

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved