LanSpy 2.0.1.159 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying oversized input to the s…

LanSpy version 2.0.1.159 contains a critical local buffer overflow vulnerability in the scan field that allows attackers to overwrite the instruction pointer. The vulnerability can be exploited by supplying oversized input consisting of 688 bytes of padding followed by 4 bytes of controlled data. This exploitation technique can lead to application crashes or potentially achieve arbitrary code execution. The vulnerability represents a significant security risk for systems running the affected version of LanSpy. Multiple proof-of-concept exploits and advisories are available documenting the technical details of this buffer overflow.