Описание
Multiple vulnerabilities were found in Notepad++. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information.
Below is a complete list of vulnerabilities:
- Heap buffer vulnerability in Utf8_16_Read::convert can be exploited to execute arbitrary code.
- Buffer read overflow vulnerability in CharDistributionAnalysis::HandleOneChar can be exploited to obtain sensitive information.
- Buffer read overflow vulnerability in nsCodingStateMachine::NextStater can be exploited to obtain sensitive information.
- Heap buffer read overflow vulnerability in FileManager::detectLanguageFromTextBegining can be exploited to obtain sensitive information.
Первичный источник обнаружения
Эксплуатация
Public exploits exist for this vulnerability.
Связанные продукты
Список CVE
- CVE-2023-40031 critical
- CVE-2023-40036 high
- CVE-2023-40164 high
- CVE-2023-40166 high
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!