CVE-2007-2666
CVE-2007-2666
Stack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4.1.1 and earlier, allows user-assisted remote attackers to execute arbitrary code via certain Ruby (.rb) files with long lines. NOTE: this was originally reported as a vulnerability in notepad++.
Affected products
n/a · n/apublic PoCs found — 1
cve_referencewww.exploit-db.com/exploits/3912unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://osvdb.org/36007http://scintilla.cvs.sourceforge.net/scintilla/scintilla/src/LexRuby.cxx?view=log#rev1.13http://secunia.com/advisories/25245http://secunia.com/advisories/25327https://exchange.xforce.ibmcloud.com/vulnerabilities/34269https://exchange.xforce.ibmcloud.com/vulnerabilities/34372https://www.exploit-db.com/exploits/3912http://www.securityfocus.com/archive/1/468529/100/0/threadedhttp://www.securityfocus.com/archive/1/469348/100/100/threadedhttp://www.securityfocus.com/bid/23961http://www.vupen.com/english/advisories/2007/1794http://www.vupen.com/english/advisories/2007/1867