CVE-2023-42757

Published: May 7, 2024Modified: Jun 17, 2026Deferred

4.2

Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H

Exploitability: 0.6 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Process Explorer before 17.04 allows attackers to make it functionally unavailable (a denial of service for analysis) by renaming an executable file to a new extensionless 255-character name and launching it with NtCreateUserProcess. This can occur through an issue in wcscat_s error handling.

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (6)

https://github.com/SafeBreach-Labs/MagicDot

Source: cve@mitre.org

https://www.blackhat.com/asia-24/briefings/schedule/#magicdot-a-hackers-magic-show-of-disappearing-dots-and-spaces-36561

Source: cve@mitre.org

https://www.safebreach.com/blog/magicdot-a-hackers-magic-show-of-disappearing-dots-and-spaces/

Source: cve@mitre.org

https://github.com/SafeBreach-Labs/MagicDot

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.blackhat.com/asia-24/briefings/schedule/#magicdot-a-hackers-magic-show-of-disappearing-dots-and-spaces-36561

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.safebreach.com/blog/magicdot-a-hackers-magic-show-of-disappearing-dots-and-spaces/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.