CVE-2017-14627 – CyberLink LabelPrint < 2.5 - Local Buffer Overflow (SEH Unicode)

https://notcve.org/view.php?id=CVE-2017-14627

23 Sep 2017 — Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote attackers to execute arbitrary code via the (1) author (inside the INFORMATION tag), (2) name (inside the INFORMATION tag), (3) artist (inside the TRACK tag), or (4) default (inside the TEXT tag) parameter in an lpp project file. Desbordamientos de búfer basado en pila en la versión 2.5 de CyberLink LabelPrint permiten que los atacantes ejecuten código arbitrario mediante los parámetros (1) author (dentro de la etiqueta INFORMATION), (2) ... • https://www.exploit-db.com/exploits/42777 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •