Buffer Overflow Vulnerability in Explorer++

Posted date 17/01/2024

Importance

4 - High

Affected Resources

Explorer++.exe, 1.3.5.531 version.

Description

INCIBE has coordinated the publication of a high severity vulnerability affecting Explorer++.exe, 1.3.5.531 version, a lightweight and fast file manager for Windows, which has been discovered by Rafael Pedrero.

This vulnerability have been assigned the following code, CVSS v3.1 base score, CVSS vector and the CWE vulnerability type of each vulnerability:

CVE-2024-0645: 7.3 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | CWE-119

Solution

There is no reported solution at this time.

Detail

CVE-2024-0645: buffer overflow vulnerability in Explorer++ affecting version 1.3.5.531. A local attacker could execute arbitrary code via a long filename argument by monitoring Structured Exception Handler (SEH) records.

References list

Product sheet - Explorer++

Etiquetas

0day
CNA
Vulnerability