CVE Catalog

CVE-2018-25360

High
Published: Translated: NVD NIST

Summary

AgataSoft Auto PingMaster 1.5 contains a stack-based buffer overflow vulnerability in the Trace Route host name field that allows local attackers to execute arbitrary code by triggering structured exception handling.

Risk Assessment

Attackers can craft a malicious ping.txt file with shellcode, leading to the potential execution of unauthorized code within the application, posing a serious security threat to the system.

Recommendation

It is recommended to update to the latest version of AgataSoft Auto PingMaster to mitigate this vulnerability and to monitor systems for potential attack attempts.

Original NVD description (English source)

AgataSoft Auto PingMaster 1.5 contains a stack-based buffer overflow vulnerability in the Trace Route host name field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious ping.txt file with shellcode and jump instructions that overwrite the SEH handler pointer to achieve code execution when the file contents are pasted into the application.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS