CVE-2023-42757

May 7, 2024, 8:07 p.m.

Product(s) Impacted

Process Explorer

before 17.04

Description

Process Explorer before 17.04 allows attackers to make it functionally unavailable (a denial of service for analysis) by renaming an executable file to a new extensionless 255-character name and launching it with NtCreateUserProcess. This can occur through an issue in wcscat_s error handling.

Weaknesses

Date

Published: May 7, 2024, 6:15 p.m.

Last Modified: May 7, 2024, 8:07 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://github.com/SafeBreach-Labs/MagicDot

cve@mitre.org

https://www.blackhat.com/asia-24/briefings/schedule/#magicdot-a-hackers-magic-show-of-disappearing-dots-and-spaces-36561

cve@mitre.org

https://www.safebreach.com/blog/magicdot-a-hackers-magic-show-of-disappearing-dots-and-spaces/

cve@mitre.org

CVE-2023-42757

Tags

Product(s) Impacted

Description

Weaknesses

Date

Status : Awaiting Analysis

Source

References

Share