CVE-2018-25369

Visual Ping 0.8.0.0 Buffer Overflow Denial of Service

CVSS 6.9 MEDIUMEPSS 0.2%CWE-120

Visual Ping 0.8.0.0 contains a buffer overflow vulnerability in input field handling that allows local attackers to crash the application by supplying oversized data. Attackers can inject malicious payloads exceeding 4108 bytes into the Host, Time Out, Packet Size, Pause, or Loops fields to trigger a denial of service condition.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Productos afectados

scanwith · Visual Ping

PoCs públicas encontradas — 1

cve_referencewww.exploit-db.com/exploits/45316no verificado

⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.exploit-db.com/exploits/45316 https://www.vulncheck.com/advisories/visual-ping-buffer-overflow-denial-of-service http://www.itlights.com http://www.scanwith.com/download/Free_Visual_Ping.htm