CVE-2019-12551

MEDIUM

SweetScape 010 Editor 9.0.1 - Out-of-bounds Write via Memcpy Function

Title source: llm
STIX 2.1

Description

In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the Memcpy function (provided by the scripting engine) allows an attacker to overwrite arbitrary memory, which could lead to code execution.

References (3)

Core 3
Core References
Release Notes, Vendor Advisory x_refsource_misc
https://www.sweetscape.com/010editor/manual/ReleaseNotes.htm
Exploit, Third Party Advisory x_refsource_misc
https://github.com/ereisr00/bagofbugz/blob/master/010Editor
Exploit, Third Party Advisory x_refsource_misc
https://ereisr00.github.io/

Scores

CVSS v3 5.5
EPSS 0.0214
EPSS Percentile 79.9%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE
CWE-787
Status published
Products (1)
sweetscape/010_editor 9.0.1
Published Jul 22, 2019
Tracked Since Feb 18, 2026