← voltar
CVE-2020-37188

SpotOutlook 1.2.6 - 'Name' Denial of Service

CVSS 4.6 MEDIUMEPSS 0.4%CWE-120
SpotOutlook 1.2.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can overwrite the buffer by pasting 1000 'A' characters into the 'Name' field, causing the application to become unresponsive.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Produtos afetados
Nsasoft · Nsauditor SpotOutlook

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.exploit-db.com/exploits/47906https://www.vulncheck.com/advisories/spotoutlook-name-denial-of-servicehttp://www.nsauditor.com/