CVE-2019-12551
MEDIUMSweetScape 010 Editor 9.0.1 - Out-of-bounds Write via Memcpy Function
Title source: llmDescription
In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the Memcpy function (provided by the scripting engine) allows an attacker to overwrite arbitrary memory, which could lead to code execution.
References (3)
Core 3
Core References
Release Notes, Vendor Advisory x_refsource_misc
https://www.sweetscape.com/010editor/manual/ReleaseNotes.htm
Exploit, Third Party Advisory x_refsource_misc
https://github.com/ereisr00/bagofbugz/blob/master/010Editor
Exploit, Third Party Advisory x_refsource_misc
https://ereisr00.github.io/
Scores
CVSS v3
5.5
EPSS
0.0214
EPSS Percentile
79.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Details
CWE
CWE-787
Status
published
Products (1)
sweetscape/010_editor
9.0.1
Published
Jul 22, 2019
Tracked Since
Feb 18, 2026