← back
CVE-2018-25288

StyleWriter 1.0 Denial of Service via Pattern Input

CVSS 6.9 MEDIUMEPSS 0.1%CWE-120
StyleWriter 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a 6000-byte payload into the Pattern to Find or Advice Message fields in the Add Pattern dialog to trigger a denial of service condition.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected products
Editorsoftware · StyleWriter
public PoCs found1
cve_referencewww.exploit-db.com/exploits/45250unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.exploit-db.com/exploits/45250https://www.vulncheck.com/advisories/stylewriter-denial-of-service-via-pattern-inputhttp://www.editorsoftware.comhttp://www.editorsoftware.com/StyleWriter_Download.php