Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-10024

Summary
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At-20 Aug, 2025 | 15:37
Updated At-22 Aug, 2025 | 16:14
Rejected At-
Credits

MJM Core Player 2011 .s3m File Stack-Based Buffer Overflow

MJM Core Player (likely now referred to as MJM Player) 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute arbitrary code. Exploitation is triggered when a user opens a malicious .s3m file, and the exploit bypasses DEP and ASLR protections using a ROP chain.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulnCheck
Assigner Org ID:83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At:20 Aug, 2025 | 15:37
Updated At:22 Aug, 2025 | 16:14
Rejected At:
▼CVE Numbering Authority (CNA)
MJM Core Player 2011 .s3m File Stack-Based Buffer Overflow

MJM Core Player (likely now referred to as MJM Player) 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute arbitrary code. Exploitation is triggered when a user opens a malicious .s3m file, and the exploit bypasses DEP and ASLR protections using a ROP chain.

Affected Products
Vendor
MJM Software
Product
Core Player
Modules
  • .s3m file parser
Default Status
unknown
Versions
Affected
  • 2011
Problem Types
TypeCWE IDDescription
CWECWE-121CWE-121 Stack-based Buffer Overflow
Type: CWE
CWE ID: CWE-121
Description: CWE-121 Stack-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
4.08.4HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-100CAPEC-100 Overflow Buffers
CAPEC ID: CAPEC-100
Description: CAPEC-100 Overflow Buffers
Solutions
Configurations
Workarounds
Exploits
Credits
finder
rick2600
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://web.archive.org/web/20111016195816/https://www.corelan.be/index.php/forum/security-advisories/corelan-11-004-mjm-core-multimedia-suite-2011-2-4-stack-buffer-overflow-s3m/
technical-description
exploit
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/mjm_coreplayer2011_s3m.rb
exploit
https://www.exploit-db.com/exploits/17230
exploit
https://mjm-software.com
product
https://www.vulncheck.com/advisories/mjm-core-player-file-stack-based-buffer-overflow
third-party-advisory
Hyperlink: https://web.archive.org/web/20111016195816/https://www.corelan.be/index.php/forum/security-advisories/corelan-11-004-mjm-core-multimedia-suite-2011-2-4-stack-buffer-overflow-s3m/
Resource:
technical-description
exploit
Hyperlink: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/mjm_coreplayer2011_s3m.rb
Resource:
exploit
Hyperlink: https://www.exploit-db.com/exploits/17230
Resource:
exploit
Hyperlink: https://mjm-software.com
Resource:
product
Hyperlink: https://www.vulncheck.com/advisories/mjm-core-player-file-stack-based-buffer-overflow
Resource:
third-party-advisory
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.exploit-db.com/exploits/17230
exploit
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/mjm_coreplayer2011_s3m.rb
exploit
Hyperlink: https://www.exploit-db.com/exploits/17230
Resource:
exploit
Hyperlink: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/mjm_coreplayer2011_s3m.rb
Resource:
exploit
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:disclosure@vulncheck.com
Published At:20 Aug, 2025 | 16:15
Updated At:22 Aug, 2025 | 18:09

MJM Core Player (likely now referred to as MJM Player) 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute arbitrary code. Exploitation is triggered when a user opens a malicious .s3m file, and the exploit bypasses DEP and ASLR protections using a ROP chain.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.4HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 4.0
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-121Secondarydisclosure@vulncheck.com
CWE ID: CWE-121
Type: Secondary
Source: disclosure@vulncheck.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://mjm-software.comdisclosure@vulncheck.com
N/A
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/mjm_coreplayer2011_s3m.rbdisclosure@vulncheck.com
N/A
https://web.archive.org/web/20111016195816/https://www.corelan.be/index.php/forum/security-advisories/corelan-11-004-mjm-core-multimedia-suite-2011-2-4-stack-buffer-overflow-s3m/disclosure@vulncheck.com
N/A
https://www.exploit-db.com/exploits/17230disclosure@vulncheck.com
N/A
https://www.vulncheck.com/advisories/mjm-core-player-file-stack-based-buffer-overflowdisclosure@vulncheck.com
N/A
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/mjm_coreplayer2011_s3m.rb134c704f-9b21-4f2e-91b3-4a467353bcc0
N/A
https://www.exploit-db.com/exploits/17230134c704f-9b21-4f2e-91b3-4a467353bcc0
N/A
Hyperlink: https://mjm-software.com
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/mjm_coreplayer2011_s3m.rb
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://web.archive.org/web/20111016195816/https://www.corelan.be/index.php/forum/security-advisories/corelan-11-004-mjm-core-multimedia-suite-2011-2-4-stack-buffer-overflow-s3m/
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.exploit-db.com/exploits/17230
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://www.vulncheck.com/advisories/mjm-core-player-file-stack-based-buffer-overflow
Source: disclosure@vulncheck.com
Resource: N/A
Hyperlink: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/mjm_coreplayer2011_s3m.rb
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource: N/A
Hyperlink: https://www.exploit-db.com/exploits/17230
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

65Records found
CVE-2020-37159
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.08% / 23.41%
||
7 Day CHG-0.15%
Published-06 Feb, 2026 | 23:14
Updated-17 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cuckoo Clock 5.0 - Buffer Overflow

Parallaxis Cuckoo Clock 5.0 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory registers in the alarm scheduling feature. Attackers can craft a malicious payload exceeding 260 bytes to overwrite EIP and EBP, enabling shellcode execution with potential remote code execution.

Action-Not Available
Vendor-Parallaxis
Product-Cuckoo Clock
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37013
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||NONE
EPSS-0.02% / 4.09%
||
7 Day CHG~0.00%
Published-29 Jan, 2026 | 14:28
Updated-29 Jan, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Audio Playback Recorder 3.2.2 - Local Buffer Overflow (SEH)

Audio Playback Recorder 3.2.2 contains a local buffer overflow vulnerability in the eject and registration parameters that allows attackers to execute arbitrary code. Attackers can craft malicious payloads and overwrite Structured Exception Handler (SEH) to execute shellcode when pasting specially crafted input into the application's input fields.

Action-Not Available
Vendor-Tucows Inc.
Product-Audio Playback Recorder
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37126
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.07% / 20.95%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 16:13
Updated-05 Feb, 2026 | 21:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Free Desktop Clock x86 Venetian Blinds Zipper 3.0 - Unicode Stack Overflow (SEH)

Free Desktop Clock 3.0 contains a stack overflow vulnerability in the Time Zones display name input that allows attackers to overwrite Structured Exception Handler (SEH) registers. Attackers can exploit the vulnerability by crafting a malicious Unicode input that triggers an access violation and potentially execute arbitrary code.

Action-Not Available
Vendor-Drive Software Company
Product-Free Desktop Clock
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-36961
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.23% / 45.57%
||
7 Day CHG~0.00%
Published-28 Jan, 2026 | 17:35
Updated-29 Jan, 2026 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
10-Strike Network Inventory Explorer 8.65 - Buffer Overflow (SEH)

10-Strike Network Inventory Explorer 8.65 contains a buffer overflow vulnerability in exception handling that allows remote attackers to execute arbitrary code. Attackers can craft a malicious file with 209 bytes of padding and a specially constructed Structured Exception Handler to trigger code execution.

Action-Not Available
Vendor-10-Strike Software
Product-Network Inventory Explorer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37161
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.08% / 23.41%
||
7 Day CHG-0.15%
Published-06 Feb, 2026 | 23:14
Updated-17 Feb, 2026 | 16:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wedding Slideshow Studio 1.36 - 'Name' Buffer Overflow

Wedding Slideshow Studio 1.36 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the registration name field with malicious payload. Attackers can craft a specially designed payload to trigger remote code execution, demonstrating the ability to run system commands like launching the calculator.

Action-Not Available
Vendor-Wedding Slideshow Studio
Product-Wedding Slideshow Studio
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-36997
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||NONE
EPSS-0.04% / 11.40%
||
7 Day CHG~0.00%
Published-29 Jan, 2026 | 14:28
Updated-29 Jan, 2026 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BacklinkSpeed 2.4 - Buffer Overflow PoC (SEH)

BacklinkSpeed 2.4 contains a buffer overflow vulnerability that allows attackers to corrupt the Structured Exception Handler (SEH) chain through malicious file import. Attackers can craft a specially designed payload file to overwrite SEH addresses, potentially executing arbitrary code and gaining control of the application.

Action-Not Available
Vendor-Dummysoftware
Product-BacklinkSpeed
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37176
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.07% / 20.95%
||
7 Day CHG+0.02%
Published-11 Feb, 2026 | 20:36
Updated-13 Feb, 2026 | 17:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Torrent 3GP Converter 1.51 - Stack Overflow (SEH)

Torrent 3GP Converter 1.51 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload targeting the application's registration dialog to trigger code execution and open the calculator through carefully constructed buffer overflow techniques.

Action-Not Available
Vendor-Torrentrockyou
Product-Torrent 3GP Converter
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37183
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.07% / 20.95%
||
7 Day CHG+0.02%
Published-11 Feb, 2026 | 20:37
Updated-12 Feb, 2026 | 15:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 - Stack Overflow (SEH)

Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload in the License Name input field to trigger a buffer overflow and execute system commands like calc.exe.

Action-Not Available
Vendor-Allok Soft
Product-Allok RM RMVB to AVI MPEG DVD Converter
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37066
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.07% / 20.53%
||
7 Day CHG~0.00%
Published-03 Feb, 2026 | 22:01
Updated-04 Feb, 2026 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GoldWave 5.70 – Buffer Overflow (SEH Unicode)

GoldWave 5.70 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting malicious input in the File Open URL dialog. Attackers can generate a specially crafted text file with Unicode-encoded shellcode to trigger a stack-based overflow and execute commands when the file is opened.

Action-Not Available
Vendor-GoldWave
Product-GoldWave
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37001
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||NONE
EPSS-0.02% / 3.94%
||
7 Day CHG~0.00%
Published-29 Jan, 2026 | 14:28
Updated-29 Jan, 2026 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Frigate Professional 3.36.0.9 - 'Pack File' Buffer Overflow (SEH Egghunter)

Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the Pack File feature that allows attackers to execute arbitrary code by overflowing the 'Archive To' input field. Attackers can craft a malicious payload that overwrites the Structured Exception Handler (SEH) and uses an egghunter technique to execute a reverse shell payload.

Action-Not Available
Vendor-Frigate3
Product-Frigate Professional
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37119
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.04% / 11.43%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 16:13
Updated-09 Feb, 2026 | 22:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Nsauditor 3.2.1.0 - Buffer Overflow (SEH+ASLR bypass (3 bytes overwrite))

Nsauditor 3.0.28 and 3.2.1.0 contains a buffer overflow vulnerability in the DNS Lookup tool that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious DNS query payload to trigger a three-byte overwrite, bypass ASLR, and execute shellcode through a carefully constructed exploit.

Action-Not Available
Vendor-nsasoftNsasoft
Product-nsauditorNsauditor
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-37120
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.23% / 45.57%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 16:13
Updated-06 Feb, 2026 | 20:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rubo DICOM Viewer 2.0 - Buffer Overflow (SEH)

Rubo DICOM Viewer 2.0 contains a buffer overflow vulnerability in the DICOM server name input field that allows attackers to overwrite Structured Exception Handler (SEH). Attackers can craft a malicious text file with carefully constructed payload to execute arbitrary code by overwriting SEH and triggering remote code execution.

Action-Not Available
Vendor-Rubo Medical Imaging
Product-Rubo DICOM Viewer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37000
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||NONE
EPSS-0.13% / 32.99%
||
7 Day CHG~0.00%
Published-29 Jan, 2026 | 14:28
Updated-29 Jan, 2026 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Free MP3 CD Ripper 2.8 - Stack Buffer Overflow (SEH + Egghunter)

Free MP3 CD Ripper 2.8 contains a stack buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting a malicious WAV file with oversized payload. Attackers can leverage a specially crafted exploit file with shellcode, SEH bypass, and egghunter technique to achieve remote code execution on vulnerable Windows systems.

Action-Not Available
Vendor-Cleanersoft Software
Product-Free MP3 CD Ripper
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37124
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.07% / 20.95%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 16:13
Updated-06 Feb, 2026 | 20:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
B64dec 1.1.2 - Buffer Overflow (SEH Overflow + Egg Hunter)

B64dec 1.1.2 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) with crafted input. Attackers can leverage an egg hunter technique and carefully constructed payload to inject and execute malicious code during base64 decoding process.

Action-Not Available
Vendor-4Mhz
Product-B64dec
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2020-37095
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.4||HIGH
EPSS-0.16% / 37.01%
||
7 Day CHG-0.31%
Published-06 Feb, 2026 | 23:14
Updated-17 Feb, 2026 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cyberoam Authentication Client 2.1.2.7 - Buffer Overflow (SEH)

Cyberoam Authentication Client 2.1.2.7 contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) memory. Attackers can craft a malicious input in the 'Cyberoam Server Address' field to trigger a bind TCP shell on port 1337 with system-level access.

Action-Not Available
Vendor-Cyberoam
Product-Cyberoam Authentication Client
CWE ID-CWE-121
Stack-based Buffer Overflow
  • Previous
  • 1
  • 2
  • Next
Details not found