CVE-2018-25261— Iperius Backup 5.8.1 Local Buffer Overflow SEH

Iperius Backup 5.8.1 Local Buffer Overflow SEH

Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling (SEH) mechanism that allows local attackers to execute arbitrary code by supplying a malicious file path. Attackers can create a backup job with a crafted payload in the external file location field that triggers a buffer overflow when the backup job executes, enabling code execution with application privileges.

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

跨界内存写

Iperius Backup 缓冲区错误漏洞

Iperius Backup是意大利Iperius Backup公司的一个备份工具。 Iperius Backup 5.8.1版本存在缓冲区错误漏洞，该漏洞源于结构化异常处理机制存在本地缓冲区溢出，可能导致本地攻击者通过提供恶意文件路径执行任意代码。

N/A

N/A