Описание
Stack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4.1.1 and earlier, allows user-assisted remote attackers to execute arbitrary code via certain Ruby (.rb) files with long lines. NOTE: this was originally reported as a vulnerability in notepad++.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.1.1 (включая)
Одно из
cpe:2.3:a:notepad\+\+:notepad\+\+:*:*:*:*:*:*:*:*
cpe:2.3:a:scintilla:scintilla:1.73:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.19106
Средний
7.6 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Stack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4.1.1 and earlier, allows user-assisted remote attackers to execute arbitrary code via certain Ruby (.rb) files with long lines. NOTE: this was originally reported as a vulnerability in notepad++.
EPSS
Процентиль: 95%
0.19106
Средний
7.6 High
CVSS2
Дефекты
CWE-119