Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
TuneClone 2.20 Structured Exception Handler Buffer Overflow
Vulnerability Description
TuneClone 2.20 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license code string. Attackers can craft a payload with a controlled buffer, NSEH jump instruction, and SEH handler address pointing to a ROP gadget, then paste it into the license code field to trigger code execution and establish a bind shell.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
跨界内存写
Vulnerability Title
TuneClone 缓冲区错误漏洞
Vulnerability Description
TuneClone是TuneClone公司的一款音频转换工具。 TuneClone 2.20版本存在缓冲区错误漏洞,该漏洞源于结构化异常处理程序缓冲区溢出,可能导致本地攻击者通过提供恶意许可证代码字符串执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A