Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Stack-Based Buffer Overflow in Notepad++ File Drop Handler leads to DoS
Vulnerability Description
A stack-based buffer overflow vulnerability exists in Notepad++ version 8.9.3 in the file drop handler component. When a user drags and drops a directory path of exactly 259 characters without a trailing backslash, the application appends a backslash and null terminator without proper bounds checking, resulting in a stack buffer overflow and application crash (STATUS_STACK_BUFFER_OVERRUN).
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
Notepad++ 安全漏洞
Vulnerability Description
Notepad++是中国台湾侯今吾(Don Ho)个人开发者的一款开源的纯文本编辑器。 Notepad++ 8.9.3版本存在安全漏洞,该漏洞源于文件拖放处理组件在用户拖放恰好259字符且无尾部反斜杠的目录路径时,会追加反斜杠和空终止符而缺乏适当的边界检查,可能导致栈缓冲区溢出和应用程序崩溃。
CVSS Information
N/A
Vulnerability Type
N/A