Infesting you with Virus News
 

Vulnerabilities

BreakPoint Software Hex Workshop 5.1.4 buffer overflow and DDOS vulnerability (PC1-2008-1271)

Overview

Vulnerability chart

Risk level
  • Low
  • Medium
  • High
  • Extreme
  • Severe
Warning: security vulnerability level = severe
2 vulnerabilities(-y) found between 30 December, 2008 and 4 March, 2009.
BreakPoint Software creates quality development tools for software... more
A buffer overflow vulnerability in BreakPoint Software Hex Workshop 5.1.4 was found.
DDOS
Unknown patch
availability
Patch implementation
unknown

References to Advisories, Solutions, and Tools

Description:

With the help of this type of buffer overflow vulnerability, user-assisted attackers are able to cause a denial of service. In addition, by using this vulnerability they are able most likely to execute arbitrary code through a long mapping reference in a Color Mapping (.cmap) file.

Impact:

By the vulnerability in BreakPoint Software Hex Workshop 5.1.4, user-assisted attackers may get administrator access. It also offers partial confidentiality, integrity, and availability violation. Moreover, the information can be revealed and changes can be made without any authorization. With the help of this vulnerability, a service can be broken up.

References:http://www.securityfocus.com/bid/33023
http://www.milw0rm.com/exploits/7592

Impact

CVSS Severity

CVSS Version 2 Metrics:

CVSS v2 Base Score:6.8 (MEDIUM)Access Vector:N/A
Impact Subscore: 6.4Access Complexity: Medium
Exploitability Subscore: 8.6Authentication: Not required to exploit
Impact Type:Provides unauthorized access, Allows partial confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service

Say something interesting!

Name:
Email:
Website:
Comment:
Please type 5-digit security code below:
Captcha image for spam protection

Latest Comments

March 10, 2010
misa campo is much better u *** tards more..
March 10, 2010
go to bleeping computer.com..d .. r.com..downloada file called Rkill. But first if you are having trouble... more..
March 10, 2010
dr. guard is the worst i've encountered. I manually made all the deletions of files and registry entries.... more..
more comments..
rss
Home > Vulnerabilities > PC1-2008-1271