Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SpotAuditor 3.6.7 Denial of Service Buffer Overflow
Vulnerability Description
SpotAuditor 3.6.7 contains a local buffer overflow vulnerability in the Base64 Password Decoder component that allows attackers to crash the application. Attackers can supply an oversized Base64 string through the decoder interface to trigger a denial of service condition.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
跨界内存写
Vulnerability Title
Nsasoft SpotAuditor 缓冲区错误漏洞
Vulnerability Description
Nsasoft SpotAuditor是美国Nsasoft公司的一种高级密码恢复软件。用于恢复超过 40 种流行的 Windows 程序和工具丢失或忘记的密码。 SpotAuditor 3.6.7版本存在缓冲区错误漏洞,该漏洞源于Base64 Password Decoder组件存在本地缓冲区溢出,可能导致攻击者通过提供超长Base64字符串使应用程序崩溃,造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A