8.2 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.288 Low
EPSS
Percentile
96.9%
Stack-based buffer overflow in 2BrightSparks SyncBack Freeware 3.2.20.0, and possibly other versions before 3.2.21, allows user-assisted remote attackers to execute arbitrary code via a long filename in a (1) .sps or (2) zip profile.
CPE | Name | Operator | Version |
---|---|---|---|
2brightsparks:syncback | 2brightsparks syncback | eq | 3.2.20.0 |
osvdb.org/64752
secunia.com/advisories/39865
www.2brightsparks.com/freeware/changes.html
www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-041-syncback-freeware-v3-2-20-0/
www.corelan.be:8800/wp-content/forum-file-uploads/lincoln/syncbackup.rb_.txt
www.securityfocus.com/bid/40311
exchange.xforce.ibmcloud.com/vulnerabilities/58727