Arbitrary Code Execution Vulnerability in Winhex
CVE-2023-6361
7.3HIGH
What is CVE-2023-6361?
A buffer overflow vulnerability has been identified in Winhex, specifically affecting versions 16.1 SR-1 and 20.4. This flaw allows unauthorized control over the Structured Exception Handler (SEH) registers, which can potentially enable attackers to execute arbitrary code by exploiting excessively long filename arguments. Such an exploit could compromise the security of affected systems, highlighting the importance of timely updates and monitoring for this vulnerability.
Affected Version(s)
WinHex 16.1 SR-1
WinHex 20.4