Has the buffer overflow vulnerability in Explorer++ affecting version 1.3.5.531 been mitigated in version 1.40 and newer versions? If not, are there plans to mitigate it in the near future?
Issue:
A local attacker could execute arbitrary code via a long filename argument by monitoring Structured Exception Handler (SEH) records.
CVE Record:
https://cve.org/CVERecord?id=CVE-2024-0645
NIST Database:
https://nvd.nist.gov/vuln/detail/CVE-20 ... orySection
Buffer overflow vulnerability in Explorer++
- Site Admin
Re: Buffer overflow vulnerability in Explorer++
From what I understand, the issue here arises when passing a long command line argument. The command line handling code has been completely replaced in 1.4, so it should no longer be a problem.
The other point I'd make is that if an attacker can execute arbitrary programs with arbitrary arguments, there are much more direct ways of doing whatever they want. So I'd consider this to be more of a bug than a vulnerability.