Multiple Notepad++ Flaws Let Attackers Execute Arbitrary Code
Multiple buffer overflow vulnerabilities have been discovered in Notepad++ that can be exploited by threat actors for malicious purposes. The severities of these vulnerabilities range from 5.5 (Medium) to 7.8 (High).
The vulnerabilities are based on heap buffer write overflow and heap buffer read overflow in some functions and libraries used by the Notepad++ software, identified by GitLab security researcher Jaroslav Lobačevski (@JarLob).
Notepad++ is an open-source C++-based source code editor that runs on Microsoft x86, x64, and AArch64-based architectures. Notepad++ supports tabbed editing and allows working with multiple files in a single window. Don Ho developed it.
Notepad++ has not patched these vulnerabilities. However, per their coordinated disclosure policy, GitLab published these vulnerabilities along with the proof-of-concept.
CVE(s):
CVE-2023-40031: Heap buffer write overflow in Utf8_16_Read::convert
Notepad++ uses a function called Utf8_16_Read::convert, which converts UTF16 to UTF8 encoding. This function has a flaw because it assumes that for every two UTF16 encoded bytes, three UTF8 encoded bytes are needed. If the chunk of bytes is set to an odd value like 9, the calculation no longer holds, resulting in a buffer overflow.
CVE-2023-40036: Global buffer read overflow in CharDistributionAnalysis::HandleOneChar
This vulnerability exists because the array index order depends on the size of the mCharToFreqOrder buffer, which a threat actor can exploit with a specially crafted file, resulting in a global buffer read overflow. In addition, the application uses a uchardet library that supports this operation.
CVE-2023-40164: Global buffer read overflow in nsCodingStateMachine::NextState
A forked copy of the uchardet library is used by Notepad++, and it was found to be vulnerable to a global buffer read overflow. This is because the array index byteCls depends on the size of the charLenTable buffer, which a specially crafted file can exploit.
CVE-2023-40166: Heap buffer read overflow in FileManager::detectLanguageFromTextBegining
When opening a file, Notepad++ calls the function FileManager::loadFile, which allocates a fixed-size buffer, followed by FileManager::loadFileData, which loads the first block of data into the buffer.
After this, it calls detectLanguageFromTextBegining to identify the content type at the beginning of the file. The flaw exists because the loop in FileManager::detectLanguageFromTextBegining does not check whether i+longestlength < dataLen, resulting in a buffer overflow.
Patches are yet to be confirmed by Notepad++ for fixing these vulnerabilities. GitLab has published a full report about this vulnerability, which mentions the proof-of-concept, example code, and other information.
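The bounds check that CVE-2023-40166 lacks, shown as a length-aware signature scan. This is an added example, not Notepad++ code: the signature table, type names and function signature are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed signature table; names and entries are assumptions for this example. */
typedef enum { LANG_UNKNOWN, LANG_XML, LANG_PHP, LANG_HTML } lang_t;
struct signature { const char *text; lang_t lang; };

static const struct signature SIGNATURES[] = {
    { "<?xml", LANG_XML },
    { "<?php", LANG_PHP },
    { "<html", LANG_HTML },
};

/* Skip a UTF-8 BOM and leading whitespace, never stepping past data_len. */
static size_t skip_prefix(const unsigned char *data, size_t data_len)
{
    size_t i = 0;
    if (data_len >= 3 && data[0] == 0xEF && data[1] == 0xBB && data[2] == 0xBF)
        i = 3;
    while (i < data_len &&
           (data[i] == ' ' || data[i] == '\t' || data[i] == '\r' || data[i] == '\n'))
        i++;
    return i;
}

/* Hypothetical bounded detector: data_len is the number of valid bytes loaded. */
lang_t detect_language_from_text_beginning(const unsigned char *data, size_t data_len)
{
    if (data == NULL) return LANG_UNKNOWN;
    size_t i = skip_prefix(data, data_len);
    size_t remaining = data_len - i;          /* i <= data_len, so no underflow */
    for (size_t s = 0; s < sizeof SIGNATURES / sizeof SIGNATURES[0]; s++) {
        size_t sig_len = strlen(SIGNATURES[s].text);
        /* Test sig_len against remaining; i + sig_len could wrap on huge lengths. */
        if (sig_len <= remaining && memcmp(data + i, SIGNATURES[s].text, sig_len) == 0)
            return SIGNATURES[s].lang;
    }
    return LANG_UNKNOWN;
}

int main(void)
{
    /* Constructed input: the signature lies beyond the 3 valid bytes. */
    const unsigned char stale[] = "   <?xml";
    printf("%d %d\n", detect_language_from_text_beginning(stale, 3),
           detect_language_from_text_beginning(stale, sizeof stale - 1));
    return 0;
}
```

With only the three whitespace bytes declared valid, the scan returns unknown instead of matching the bytes that follow them in memory.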
Source credit : cybersecuritynews.com