CVE-2018-25287
Buffer Overflow in Drive Power Manager 1.10 Causes DoS
Publication date: 2026-04-26
Last updated on: 2026-04-26
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
Drive Power Manager version 1.10 has a buffer overflow vulnerability. This occurs when a local attacker inputs an excessively long string into the Name field of the application.
Specifically, an attacker can paste a payload of 6000 bytes into the Name field and then click Register, which causes the application to crash.
This vulnerability allows the attacker to trigger a denial of service condition by exploiting the buffer overflow.
How can this vulnerability impact me? :
This vulnerability can impact you by causing the Drive Power Manager application to crash, resulting in a denial of service.
Since the vulnerability requires local access and user interaction, an attacker with local access can disrupt the normal operation of the application by supplying a specially crafted input.
The impact is limited to availability, as the vulnerability does not affect confidentiality or integrity.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.