top of page
perceptive_background_267k.jpg

Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by supplying oversized input to the I…

Published:

31 mei 2026 om 22:00:00

Alert date:

1 juni 2026 om 23:04:16

Source:

nvd.nist.gov

Click to open the original link from this advisory

Network Infrastructure

Arm Whois version 3.11 contains a critical stack-based buffer overflow vulnerability (CVE-2018-25427) that allows remote attackers to execute arbitrary code. The vulnerability exists in the IP address or domain field input processing. Attackers can exploit this by providing malicious input exceeding 658 bytes containing shellcode. The exploit overwrites the structured exception handler (SEH) to gain command execution. This represents a high-severity remote code execution vulnerability in the network utility application.

Technical details

Mitigation steps:

Affected products:

Arm Whois 3.11

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2018-25427
http://www.armcode.com/
http://www.armcode.com/downloads/arm-whois.exe
https://www.exploit-db.com/exploits/45796
https://www.vulncheck.com/advisories/arm-whois-buffer-overflow-via-seh-overwrite

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page