ГлавнаяУязвимости → CVE-2019-25701
8.4высокая

CVE-2019-25701

Описание

Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and execute arbitrary code with user privileges.

Затрагиваемое ПО
Ether software Easy video to ipod converter
CVSS
Балл8.4 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
http://www.divxtodvd.net/http://www.divxtodvd.net/easy_video_to_ipod.exehttps://www.exploit-db.com/exploits/46255https://www.vulncheck.com/advisories/easy-video-to-ipod-converter-local-buffer-overflow-seh