Buffer Overflow Vulnerability Affects Winhex
CVE-2023-6362
7.3HIGH
Key Information:
- Vendor
- Winhex
- Status
- Winhex
- Vendor
- CVE Published:
- 7 October 2024
Summary
A buffer overflow vulnerability exists in Winhex affecting specific versions, allowing attackers to manipulate the Structured Exception Handler (SEH) registers. By supplying a long filename argument, malicious actors can potentially execute arbitrary code on the affected systems. Organizations using affected versions should implement necessary security updates to mitigate the associated risks.
Affected Version(s)
WinHex 16.1 SR-1
WinHex 20.4
References
CVSS V3.1
Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Rafael Pedrero