Searching
..

Click anywhere to stop

KLA11062
Arbitrary code execution vulnerability in Notepad++

Updated: 05/19/2022
Detect date
?
07/05/2017
Severity
?
High
Description

An unspecified vulnerability was found in Notepad++ 7.3.3 with Hex Editor Plugin v0.9.5. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file or an untrusted specially designed file from a remote location and issuing several user-defined commands.


Technical details

This vulnerability exists because of a “Data from Faulting Address controls Code Flow” issue.

NB: This vulnerability doesn’t have any public CVSS rating so rating can be changed by the time.

Affected products

Notepad++ version 7.3.3

Solution

Update to the latest version
Download Notepad++

Original advisories

wlinzi on Github

Impacts
?
ACE 
[?]
Related products
Notepad++
Find out the statistics of the vulnerabilities spreading in your region