CNNVD-202508-1456 Information
CNNVD ID
CNNVD-202508-1456
Related CVE
- CNNVD Published: 2025-08-13
Description (Chinese)
Cytel Studio是美国Cytel公司的一款数据处理软件。 Cytel Studio 9.0及之前版本存在安全漏洞,该漏洞源于处理.CY3文件时存在栈缓冲区溢出,可能导致执行任意代码。
Description (English)
Cytel Studio is a data-processing software of the United States company Cytel. Cytel Studio 9.0 and previous versions had a security loophole, which stemmed from the spilling of the silo buffer zone when processing.CY3 documents, which could lead to the implementation of any code.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Cytel
Published
2025-08-13
Last Modified
2026-02-24
References
http://aluigi.altervista.org/adv/cytel_1-adv.txt https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/cytel_studio_cy3.rb http://www.cytel.com/Software/StatXact.aspx https://web.archive.org/web/20110301000000/* http://www.cytel.com/Software/LogXact.aspx https://web.archive.org/web/20110708215826/ https://web.archive.org/web/20110708215830/ https://www.exploit-db.com/exploits/17930 https://www.exploit-db.com/exploits/18027 https://www.vulncheck.com/advisories/cytel-studio-cy3-file-stack-buffer-overflow
Share on: