Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
AIDA64 Extreme 5.99.4900 SEH Buffer Overflow via Logging
Vulnerability Description
AIDA64 Extreme 5.99.4900 contains a structured exception handler buffer overflow vulnerability in the logging functionality that allows local attackers to execute arbitrary code by supplying a malicious CSV log file path. Attackers can inject shellcode through the Hardware Monitoring logging preferences to overflow the buffer and trigger code execution when the application processes the log file path.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
跨界内存写
Vulnerability Title
FinalWire AIDA64 Extreme 缓冲区错误漏洞
Vulnerability Description
FinalWire AIDA64 Extreme是FinalWire公司的一款用于系统信息检测、硬件监控和性能测试的诊断软件。 FinalWire AIDA64 Extreme 5.99.4900版本存在缓冲区错误漏洞,该漏洞源于日志功能存在结构化异常处理程序缓冲区溢出,可能导致本地攻击者通过提供恶意CSV日志文件路径执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A