CVE-2018-5282

Published: 08/01/2018 Updated: 11/04/2024
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 725
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Kentico 9.0 up to and including 11.0 has a stack-based buffer overflow via the SqlName, SqlPswd, Database, UserName, or Password field in a SilentInstall XML document. NOTE: the vendor disputes this issue because neither a buffer overflow nor a crash can be reproduced; also, reading XML documents is implemented exclusively with managed code within the Microsoft .NET Framework.

Vulnerable Product

kentico kentico cms

Exploits

Document Title:
===============
Kentico CMS v11.0 - Stack Buffer Overflow Vulnerability

References (Source):
====================
www.vulnerability-lab.com/get_content.php?id=1943
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5282

CVE-ID:
=======
CVE-2018-5282

Release Date:
=============
2018-01-04

Vulnerability Laborator ...

Kentico CMS version 11.0 suffers from a stack buffer overflow vulnerability ...