Vulnerability-Lookup

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

Apply ordering (override relevance)

1 vulnerability found for Visual Ping by scanwith

CVE-2018-25369 (GCVE-0-2018-25369)

Vulnerability from cvelistv5 – Published: 2026-05-25 14:15 – Updated: 2026-05-25 14:15

Title

Visual Ping 0.8.0.0 Buffer Overflow Denial of Service

Summary

Visual Ping 0.8.0.0 contains a buffer overflow vulnerability in input field handling that allows local attackers to crash the application by supplying oversized data. Attackers can inject malicious payloads exceeding 4108 bytes into the Host, Time Out, Packet Size, Pause, or Loops fields to trigger a denial of service condition.

Severity ?

6.9 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Assigner

VulnCheck

References

4 references

URL	Tags
https://www.exploit-db.com/exploits/45316	exploit
http://www.itlights.com	product
http://www.scanwith.com/download/Free_Visual_Ping.htm	product
https://www.vulncheck.com/advisories/visual-ping-…	third-party-advisory

Impacted products

1 product

Vendor	Product	Version
scanwith	Visual Ping	Affected: 0.8.0.0

Date Public ?

2018-08-30 00:00

Credits

Uriel Corral Salinas

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "product": "Visual Ping",
          "vendor": "scanwith",
          "versions": [
            {
              "status": "affected",
              "version": "0.8.0.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Uriel Corral Salinas"
        }
      ],
      "datePublic": "2018-08-30T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Visual Ping 0.8.0.0 contains a buffer overflow vulnerability in input field handling that allows local attackers to crash the application by supplying oversized data. Attackers can inject malicious payloads exceeding 4108 bytes into the Host, Time Out, Packet Size, Pause, or Loops fields to trigger a denial of service condition."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS"
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-25T14:15:14.709Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "name": "ExploitDB-45316",
          "tags": [
            "exploit"
          ],
          "url": "https://www.exploit-db.com/exploits/45316"
        },
        {
          "name": "Official Product Homepage",
          "tags": [
            "product"
          ],
          "url": "http://www.itlights.com"
        },
        {
          "name": "Product Reference",
          "tags": [
            "product"
          ],
          "url": "http://www.scanwith.com/download/Free_Visual_Ping.htm"
        },
        {
          "name": "VulnCheck Advisory: Visual Ping 0.8.0.0 Buffer Overflow Denial of Service",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/visual-ping-buffer-overflow-denial-of-service"
        }
      ],
      "title": "Visual Ping 0.8.0.0 Buffer Overflow Denial of Service",
      "x_generator": {
        "engine": "vulncheck"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2018-25369",
    "datePublished": "2026-05-25T14:15:14.709Z",
    "dateReserved": "2026-05-25T13:40:20.153Z",
    "dateUpdated": "2026-05-25T14:15:14.709Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}