CVE-2023-4590

HIGH

Frhed <1.6.0 - RCE

Title source: llm

Description

Buffer overflow vulnerability in Frhed hex editor, affecting version 1.6.0. This vulnerability could allow an attacker to execute arbitrary code via a long filename argument through the Structured Exception Handler (SEH) registers.

Exploits (1)

nomisec WORKING POC 2 stars

by dgndrn · poc

https://github.com/dgndrn/CVE-2023-4590

View Code ZIP pw:eip

References (1)

Core 1

Core References

Third Party Advisory

https://www.incibe.es/en/incibe-cert/notices/aviso/buffer-overflow-vulnerability-frhed

Scores

CVSS v3 7.3

EPSS 0.0041

EPSS Percentile 61.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-120

Status published

Products (1)

kimmov/frhed 1.6.0

Published Nov 27, 2023

Tracked Since Feb 18, 2026