CVE-2021-47970

Macaron Notes 5.5 Denial of Service via Buffer Overflow

CVSS 8.7 HIGHEPSS 0.3%CWE-789

Macaron Notes 5.5 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can generate a payload containing 350000 repeated characters and paste it into a note field to trigger application crash and stop functionality.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected products

Macaron Notes · Macaron Notes

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/49953unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.exploit-db.com/exploits/49953 https://www.vulncheck.com/advisories/macaron-notes-denial-of-service-via-buffer-overflow