SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow
SOUND4 LinkAndShare Transmitter version 1.1.2 suffers from a format string memory leak and stack buffer overflow vulnerability because it fails to properly sanitize user supplied input when calling the getenv() function
from MSVCR120.DLL resulting in a crash overflowing the memory stack and
leaking sensitive information. The attacker can abuse the username
environment variable to trigger and potentially execute code on the
affected system.
https://packetstormsecurity.com/files/170945/ZSL-2023-5744.txt
Thu, 09 Feb 2023 16:41:26 GMT
________________________________
--- The information is for inforamtional purposes only.
* Origin: Read us with
http://winpoint.org JID:
rs@captflint.com (2:467/4.444)