2 matches found
CVE-2018-25265
CVE-2018-25265 affects LanSpy 2.0.1.159 with a local buffer overflow in the scan section that can lead to arbitrary code execution. Attackers can craft payloads using egghunter techniques to locate and execute shellcode by manipulating the SEH chain; this is a local, no-interaction vulnerability ...
CVE-2018-25268
LanSpy 2.0.1.159 contains a local buffer overflow in the scan field. An attacker can craft input with 688 bytes of padding followed by 4 bytes of controlled data to crash the application or potentially achieve code execution. This vulnerability is localized (LAN access) with high impact across co...