← volver
CVE-2020-37066

GoldWave 5.70 – Buffer Overflow (SEH Unicode)

CVSS 8.4 HIGHEPSS 0.4%CWE-121
GoldWave 5.70 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting malicious input in the File Open URL dialog. Attackers can generate a specially crafted text file with Unicode-encoded shellcode to trigger a stack-based overflow and execute commands when the file is opened.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
GoldWave · GoldWave

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.exploit-db.com/exploits/48510https://www.goldwave.com/https://www.vulncheck.com/advisories/goldwave-buffer-overflow-seh-unicode