Home / os / symbian

SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow

Posted on 09 February 2023

SOUND4 LinkAndShare Transmitter version 1.1.2 suffers from a format string memory leak and stack buffer overflow vulnerability because it fails to properly sanitize user supplied input when calling the getenv() function from MSVCR120.DLL resulting in a crash overflowing the memory stack and leaking sensitive information. The attacker can abuse the username environment variable to trigger and potentially execute code on the affected system.

 

TOP