published date: May 2, 2005

CVE-2005-1187 : Heap-based Buffer Overflow Vulnerability

Description

Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other versions, may allow attackers to execute arbitrary code via a long file name argument. NOTE: since this overflow is in the command line of an unprivileged program, it is highly likely that this is not a vulnerability.

Product(s):

X-Ways Software Technology AG WinHex 12.05 SR-14

CVSS:5.1 [Critical]
EPSS:1.24%
Exploitability:4.9
In KEV:No

Question to Ask Vendors:

Can you confirm whether your systems are affected by CVE-2005-1187, and if so, what steps are you currently taking to mitigate this vulnerability?
What is your estimated timeline for fully resolving CVE-2005-1187 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions:

Check out the advisory links provided below.

References:

https://nvd.nist.gov/vuln/detail/CVE-2005-1187

READY TO GET RESULTS YOU CAN TRUST?

Get a Demo Contact Sales