Summary
The host is installed with Notepad++
and is prone to Buffer Overflow Vulnerability.
Impact
Successful exploitation will allow
attackers to conduct denial of service attack or potentially allowing the execution of arbitrary code.
Impact Level: System/Application
Solution
No solution or patch is available as of
20th February, 2015. Information regarding this issue will be updated once the solution details are available. For updates refer
http://notepad-plus-plus.org/
Insight
The flaw exists as the user-supplied input
is not properly validated when handling a specially crafted XML file.
Affected
Notepad++ version 6.6.9 on Windows.
Detection
Get the installed version with the help
of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-9456 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- A-V Tronics InetServ POP3 Denial Of Service Vulnerability
- Adobe Flash CS3 SWF Processing Buffer Overflow Vulnerabilities
- Cscope putstring Multiple Buffer Overflow vulnerability
- Adobe InDesign 'INDD' File Handling Remote Buffer Overflow Vulnerability
- Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Windows)