CVE-2023-6362

Summary

A vulnerability has been discovered in Winhex affecting version 16.1 SR-1 and 20.4. This vulnerability consists of a buffer overflow controlling the Structured Exception Handler (SEH) registers. This could allow attackers to execute arbitrary code via a long filename argument.

Affected Software

VendorProductVersion RangeStatus
WinHexWinHex16.1 SR-1affected
WinHexWinHex20.4affected

Weaknesses

  • CWE-119: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References