Buffer Overflow vulnerability in Frhed

Posted date
27/11/2023
Importance
4 - Alta
Affected Resources
  • Frhed 1.6.0 version.
Description

INCIBE has coordinated the publication of one vulnerabilitiy that affects Frhed, a binary file editor for Windows, which has been discovered by Rafael Pedrero.

This vulnerabilitiy has been assigned the following code, CVSS v3.1 base score, CVSS vector string, and CWE vulnerability type:

  • CVE-2023-4590: CVSS v3.1: 7.3 | CVSS: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | CWE-120.
Solution

There is no reported solution at this time.

Detail
  • CVE-2023-4590: buffer overflow vulnerability in Frhed hex editor, affecting version 1.6.0. This vulnerability could allow an attacker to execute arbitrary code via a long filename argument through the Structured Exception Handler (SEH) registers.
References list
Etiquetas

botón arriba