Vulnerability Description
Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other versions, may allow attackers to execute arbitrary code via a long file name argument. NOTE: since this overflow is in the command line of an unprivileged program, it is highly likely that this is not a vulnerability.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| X-Ways Software Technology Ag | Winhex | 12.05_sr-14 |
References
- http://securitytracker.com/id?1013727
- http://www.unl0ck.org/files/papers/winhex.txtURL Repurposed
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20139
- http://securitytracker.com/id?1013727
- http://www.unl0ck.org/files/papers/winhex.txtURL Repurposed
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20139
FAQ
What is CVE-2005-1187?
CVE-2005-1187 is a vulnerability with a CVSS score of 5.1 (MEDIUM). Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other versions, may allow attackers to execute arbitrary code via a long file name argument. NOTE: since this overflow is in the command...
How severe is CVE-2005-1187?
CVE-2005-1187 has been rated MEDIUM with a CVSS base score of 5.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1187?
Check the references section above for vendor advisories and patch information. Affected products include: X-Ways Software Technology Ag Winhex.