SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows attackers to crash the application by supplying an oversized buffer. Attackers can generate a malformed input file with 2000 repeated characters to trigger an application crash when pasted into the Base64 Encrypted Password field.
oryginał ENCVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XNsasoft Spotauditor
APPNsasoft5.3.2
Powiązane podatności
SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that al...
SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that...
SpotAuditor 5.2.6 contains a denial of service vulnerability in the registration dialog that allows local atta...
SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash ...
An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5. The program can be crashed by entering 300 bytes ...