Bitsmith Software Personal Knowbase knowbase.exe FileOpen Dialogue Local Overflow

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.


Synopsis :

An application installed on the remote Windows host is affected by a
buffer overflow vulnerability.

Description :

The version of Bitsmith Personal Knowledge base installed on the
remote Windows host is prior to 3.2.4. It is, therefore, affected by a
local buffer overflow vulnerability that can be triggered by
specifying an oversized string for a specific registry value. This
vulnerability may allow for arbitrary code to be executed subject to
the user's privileges.

See also :

http://www.vulnerability-lab.com/get_content.php?id=474
http://www.bitsmithsoft.com/pkhist.htm#vers324

Solution :

Upgrade to Bitsmith Personal Knowbase 3.2.4 or later.

Risk factor :

Low / CVSS Base Score : 3.7
(CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 3.3
(CVSS2#E:POC/RL:U/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 58649 ()

Bugtraq ID: 52826

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now