CVE-2019-12555

HIGH

SweetScape 010 Editor 9.0.1 - Denial of Service via SubStr Function Argument Validation

Title source: llm
STIX 2.1

Description

In SweetScape 010 Editor 9.0.1, improper validation of arguments in the internal implementation of the SubStr function (provided by the scripting engine) allows an attacker to cause a denial of service by crashing the application.

References (2)

Core 2
Core References
Release Notes, Vendor Advisory x_refsource_confirm
https://www.sweetscape.com/010editor/release_notes.html

Scores

CVSS v3 7.5
EPSS 0.0123
EPSS Percentile 65.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-125
Status published
Products (1)
sweetscape/010_editor 9.0.1
Published Jun 05, 2019
Tracked Since Feb 18, 2026