CVE-2020-37197

EUVD-2020-31191
Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character buffer payload and paste it into the registration name field to trigger an application crash.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
nsasoftdomain_name_search_software
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.nsauditor.com/
https://www.exploit-db.com/exploits/47861
https://www.vulncheck.com/advisories/dnss-domain-name-search-software-name-denial-of-service