CVSS: 7.8EPSS: 80%CPEs: 1EXPL: 3CVE-2017-14627 – CyberLink LabelPrint < 2.5 - Local Buffer Overflow (SEH Unicode)
https://notcve.org/view.php?id=CVE-2017-14627
23 Sep 2017 — Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote attackers to execute arbitrary code via the (1) author (inside the INFORMATION tag), (2) name (inside the INFORMATION tag), (3) artist (inside the TRACK tag), or (4) default (inside the TEXT tag) parameter in an lpp project file. Desbordamientos de búfer basado en pila en la versión 2.5 de CyberLink LabelPrint permiten que los atacantes ejecuten código arbitrario mediante los parámetros (1) author (dentro de la etiqueta INFORMATION), (2) ... • https://www.exploit-db.com/exploits/42777 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4756
https://notcve.org/view.php?id=CVE-2012-4756
06 Sep 2012 — Multiple untrusted search path vulnerabilities in CyberLink LabelPrint 2.5.3602 allow local users to gain privileges via a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .lpp file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Múltiples vulnerabilidades de busquea de ruta no confiable en CyberLink LabelPrint v2.5.3602 permite a usuarios locales obtener... • http://secunia.com/advisories/49281 •