CVE-2018-25287
Buffer Overflow in Drive Power Manager 1.10 Causes DoS
Publication date: 2026-04-26
Last updated on: 2026-04-26
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
Drive Power Manager version 1.10 has a buffer overflow vulnerability. This occurs when a local attacker inputs an excessively long string into the Name field of the application.
Specifically, an attacker can paste a payload of 6000 bytes into the Name field and then click Register, which causes the application to crash.
This vulnerability allows the attacker to trigger a denial of service condition by exploiting the buffer overflow.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
How can this vulnerability impact me? :
This vulnerability can impact you by causing the Drive Power Manager application to crash, resulting in a denial of service.
Since the vulnerability requires local access and user interaction, an attacker with local access can disrupt the normal operation of the application by supplying a specially crafted input.
The impact is limited to availability, as the vulnerability does not affect confidentiality or integrity.