Description

DLPnpAuditor.exe in DeviceLock Plug and Play Auditor (freeware) 5.72 has a Unicode Buffer Overflow (SEH).

Related CPE's

a

devicelock

plug_and_play_auditor

5.72

Vulnerable

References

http://hyp3rlinx.altervista.org/advisories/DEVICELOCK-PLUG-PLAY-AUDITOR-v5.72-UNICODE-BUFFER-OVERFLOW.txt

ExploitThird Party Advisory

http://packetstormsecurity.com/files/147516/DeviceLock-Plug-And-Play-Auditor-5.72-Buffer-Overflow.html

ExploitThird Party AdvisoryVDB Entry

https://www.exploit-db.com/exploits/44590/

ExploitThird Party AdvisoryVDB Entry

Weaknesses

[email protected]

Primary
CWE-119

CVSS impact metrics

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.8 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2018-05-10T14:29:00.377

7 years ago

Last modified

2018-06-14T18:15:37.373

6 years ago