mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-08 22:17:19 +00:00
897 B
897 B
CVE-2011-3494
Description
WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long StyleTemplate element in a QUO, SUM or POR file, which triggers a stack-based buffer overflow, or (2) a long Font->FaceName field (aka FaceName element), which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
POC
Reference
Github
No PoCs found on GitHub currently.