Vulnerabilities

BreakPoint Software Hex Workshop 5.1.4 buffer overflow and DDOS vulnerability (PC1-2008-1271)

Vulnerability chart	Risk level Low Medium High Extreme Severe Warning: security vulnerability level = severe 2 vulnerabilities(-y) found between 30 December, 2008 and 4 March, 2009. BreakPoint Software creates quality development tools for software... more A buffer overflow vulnerability in BreakPoint Software Hex Workshop 5.1.4 was found.
DDOS Unknown patch availability Patch implementation unknown

Description:	With the help of this type of buffer overflow vulnerability, user-assisted attackers are able to cause a denial of service. In addition, by using this vulnerability they are able most likely to execute arbitrary code through a long mapping reference in a Color Mapping (.cmap) file.
Impact:	By the vulnerability in BreakPoint Software Hex Workshop 5.1.4, user-assisted attackers may get administrator access. It also offers partial confidentiality, integrity, and availability violation. Moreover, the information can be revealed and changes can be made without any authorization. With the help of this vulnerability, a service can be broken up.
References:	http://www.securityfocus.com/bid/33023 http://www.milw0rm.com/exploits/7592

CVSS Severity		CVSS Version 2 Metrics:
CVSS v2 Base Score:	6.8 (MEDIUM)	Access Vector:	N/A
Impact Subscore:	6.4	Access Complexity:	Medium
Exploitability Subscore:	8.6	Authentication:	Not required to exploit
		Impact Type:	Provides unauthorized access, Allows partial confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service