Notepad++ Ruby Source File Handling Overflow
High Nessus Plugin ID 25294
Synopsis
The remote Windows host has an application that is subject to a buffer overflow attack.

Description
Notepad++, a free source code editor and Notepad replacement, is installed on the remote Windows host.
The version of Notepad++ installed on the remote host reportedly contains a buffer overflow involving how it processes Ruby source code files. If an attacker can trick a user on the affected host into opening a specially crafted file of this type using Notepad++, he can leverage this issue to execute arbitrary code on the host subject to the user's privileges.

Solution
Upgrade to Notepad++ version 4.1.2 or later.