CVE-2019-12553

CRITICAL

SweetScape 010 Editor 9.0.1 - Out-of-bounds Write via StrCat Function

Title source: llm
STIX 2.1

Description

In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the StrCat function (provided by the scripting engine) allows an attacker to overwrite arbitrary memory, which could lead to code execution.

References (2)

Core 2
Core References
Release Notes, Vendor Advisory x_refsource_confirm
https://www.sweetscape.com/010editor/release_notes.html

Scores

CVSS v3 9.8
EPSS 0.0244
EPSS Percentile 82.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (1)
sweetscape/010_editor 9.0.1
Published Jun 05, 2019
Tracked Since Feb 18, 2026