Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
FlexHEX 2.71 Local Buffer Overflow via SEH Unicode
Vulnerability Description
FlexHEX 2.71 contains a local buffer overflow vulnerability in the Stream Name field that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overflow. Attackers can craft a malicious text file with carefully aligned shellcode and SEH chain pointers, paste the contents into the Stream Name dialog, and execute arbitrary commands like calc.exe when the exception handler is triggered.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
FlexHEX 代码问题漏洞
Vulnerability Description
FlexHEX是FlexHEX开源的一个十六进制数据编辑器。 FlexHEX 2.71版本存在代码问题漏洞,该漏洞源于Stream Name字段存在本地缓冲区溢出,可能导致本地攻击者通过触发结构化异常处理程序溢出执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A