top of page
perceptive_background_267k.jpg

Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the structured exception handler. A…

Published:

31 mei 2026 om 22:00:00

Alert date:

1 juni 2026 om 23:04:16

Source:

nvd.nist.gov

Click to open the original link from this advisory

Security Tools

CVE-2018-25432 affects Arm Whois version 3.11, containing a buffer overflow vulnerability that enables local attackers to execute arbitrary code. The vulnerability is exploited by overwriting the structured exception handler (SEH) through a malicious input file. Attackers can craft input with a specific 672-byte offset to overwrite nSEH and SEH pointers. This enables code execution through exception handler hijacking techniques. The vulnerability allows local privilege escalation and arbitrary code execution on affected systems.

Technical details

Mitigation steps:

Affected products:

Arm Whois 3.11

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2018-25432
http://www.armcode.com
http://www.armcode.com/downloads/arm-whois.exe
https://www.exploit-db.com/exploits/45907
https://www.vulncheck.com/advisories/arm-whois-buffer-overflow-via-aslr-bypass

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page