Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
10-Strike LANState 8.8 Local Buffer Overflow SEH
Vulnerability Description
10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption parameter that overflows the buffer, overwrites the SEH chain, and executes shellcode when the file is opened in the application.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
跨界内存写
Vulnerability Title
10-Strike LANState 缓冲区错误漏洞
Vulnerability Description
10-Strike LANState是美国10-Strike公司的一款用于 网络拓扑扫描、设备可视化监控和管理的Windows网络工具。 10-Strike LANState 8.8版本存在缓冲区错误漏洞,该漏洞源于结构化异常处理存在本地缓冲区溢出,可能导致本地攻击者通过特制LSM地图文件执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A