Buffer Overflow vulnerability in Frhed

Posted date 27/11/2023

Importance

4 - High

Affected Resources

Frhed 1.6.0 version.

Description

INCIBE has coordinated the publication of one vulnerabilitiy that affects Frhed, a binary file editor for Windows, which has been discovered by Rafael Pedrero.

This vulnerabilitiy has been assigned the following code, CVSS v3.1 base score, CVSS vector string, and CWE vulnerability type:

CVE-2023-4590: CVSS v3.1: 7.3 | CVSS: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H | CWE-120.

Solution

There is no reported solution at this time.

Detail

CVE-2023-4590: buffer overflow vulnerability in Frhed hex editor, affecting version 1.6.0. This vulnerability could allow an attacker to execute arbitrary code via a long filename argument through the Structured Exception Handler (SEH) registers.

References list

Product sheet - Frhed

Etiquetas

0day
CNA
Vulnerability