SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows attackers to execute arbitrary code by crafting a malicious payload. Attackers can generate a specially crafted Base64 encoded payload to trigger a Structured Exception Handler (SEH) overwrite and execute shellcode on the vulnerable system.
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XNsasoft Spotauditor
APPNsasoft5.3.2
Related vulnerabilities
SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that...
SpotAuditor 5.2.6 contains a denial of service vulnerability in the registration dialog that allows local atta...
SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash ...
SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows atta...
An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5. The program can be crashed by entering 300 bytes ...