Programmer's Notepad ctags Processing Buffer Overflow

High Nessus Plugin ID 31410


The remote Windows host contains an application that is affected by a buffer overflow vulnerability.


Programmer's Notepad, an open source text editor for coders, is installed on the remote host.

The version of Programmer's Notepad installed on the remote host contains a buffer overflow that can be triggered when parsing ctags output. If an attacker can trick a user on the remote host to open a specially crafted file and use the 'Jump To' dialog, this issue could be leveraged to execute arbitrary code subject to the privileges of the current user.


Upgrade to Programmer's Notepad version or later.

See Also

Plugin Details

Severity: High

ID: 31410

File Name: pnotepad_ctags_overflow.nasl

Version: $Revision: 1.15 $

Type: local

Agent: windows

Family: Windows

Published: 2008/03/10

Modified: 2016/05/16

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:pnotepad:programmers_notepad

Required KB Items: SMB/Registry/Enumerated

Exploit Available: false

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2008-1210

BID: 28119

OSVDB: 42933

Secunia: 29233

CWE: 119