Searching
..

Click anywhere to stop

KLA60810
Multiple vulnerabilities in Notepad++

Обновлено: 25/01/2024
Дата обнаружения
08/09/2023
Уровень угрозы
High
Описание

Multiple vulnerabilities were found in Notepad++. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. Heap buffer vulnerability in Utf8_16_Read::convert can be exploited to execute arbitrary code.
  2. Buffer read overflow vulnerability in CharDistributionAnalysis::HandleOneChar can be exploited to obtain sensitive information.
  3. Buffer read overflow vulnerability in nsCodingStateMachine::NextStater can be exploited to obtain sensitive information.
  4. Heap buffer read overflow vulnerability in FileManager::detectLanguageFromTextBegining can be exploited to obtain sensitive information.
Эксплуатация

Public exploits exist for this vulnerability.

Пораженные продукты

Notepad++ earlier than 8.5.7

Решение

Update to the latest version
Download Notepad++

Первичный источник обнаружения
Notepad++ v8.5.7 bug-fixes and new features:
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

DoS 
[?]
Связанные продукты
Notepad++
CVE-IDS
Узнай статистику распространения уязвимостей в твоем регионе