← volver
CVE-2020-37188

SpotOutlook 1.2.6 - 'Name' Denial of Service

CVSS 4.6 MEDIUMEPSS 0.4%CWE-120
SpotOutlook 1.2.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can overwrite the buffer by pasting 1000 'A' characters into the 'Name' field, causing the application to become unresponsive.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Productos afectados
Nsasoft · Nsauditor SpotOutlook

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.exploit-db.com/exploits/47906https://www.vulncheck.com/advisories/spotoutlook-name-denial-of-servicehttp://www.nsauditor.com/