CVE-2018-17408

Published: 03/10/2018 Updated: 24/08/2020

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 690

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Stack-based buffer overflows in Zahir Accounting Enterprise Plus 6 through build 10b allow remote malicious users to execute arbitrary code via a crafted CSV file that is accessed through the Import CSV File menu.

Vulnerable Product	Search on Vulmon	Subscribe to Product
zahiraccounting zahir enterprise plus 6

Zahir Enterprise Plus 6 build 10b suffers from a buffer overflow vulnerability ...

# Exploit Title: Zahir Enterprise Plus 6 build 10b - Buffer Overflow (SEH) # Google Dork: - # Date: 2018-09-28 # Exploit Author: modpr0be # Vendor Homepage: wwwzahiraccountingcom/ # Software Link: zahiraccountingcom/files/zahir-accounting-6-free-trialzip # Version: 6 (build 10b) - Download here: zahirsoftwarecom/zahirupdat ...

## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit Rank = NormalRanking include Msf::Exploit::FILEFORMAT include Msf::Exploit::Seh def initialize(info={}) super(update_info(info, 'Name' => ...

CWE-787 https://www.exploit-db.com/exploits/45505/https://blog.spentera.id/zahir-accounting-enterprise-plus-6/https://www.exploit-db.com/exploits/45560/https://nvd.nist.gov https://packetstormsecurity.com/files/149620/Zahir-Enterprise-Plus-6-Build-10b-Buffer-Overflow.html https://www.exploit-db.com/exploits/45505/

CVE-2018-17408

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect