Summary
The host is installed with Notepad++
and is prone to Buffer Overflow Vulnerability.
Impact
Successful exploitation will allow
attackers to conduct denial of service attack or potentially allowing the execution of arbitrary code.
Impact Level: System/Application
Solution
No solution or patch is available as of
20th February, 2015. Information regarding this issue will be updated once the solution details are available. For updates refer
http://notepad-plus-plus.org/
Insight
The flaw exists as the user-supplied input
is not properly validated when handling a specially crafted XML file.
Affected
Notepad++ version 6.6.9 on Windows.
Detection
Get the installed version with the help
of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-9456 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Reader/Acrobat Multiple BOF Vulnerabilities - Jun09 (Win)
- Alpine tmail and dmail Buffer Overflow Vulnerabilities (Win)
- Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Linux)
- CA Internet Security Suite Plus 'KmxSbx.sys' Buffer Overflow Vulnerability
- Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Win)