CVE-2018-25369
Buffer Overflow in Visual Ping via Input Fields
Publication date: 2026-05-25
Last updated on: 2026-05-25
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| visual_ping | visual_ping | 0.8.0.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
Visual Ping version 0.8.0.0 has a buffer overflow vulnerability in how it handles input fields. This means that if a local attacker inputs data that is too largeβspecifically more than 4108 bytesβinto certain fields like Host, Time Out, Packet Size, Pause, or Loops, it can cause the application to crash.
This vulnerability arises because the application does not properly limit the size of the input, allowing an attacker to overflow the buffer and disrupt normal operation.
How can this vulnerability impact me? :
The primary impact of this vulnerability is a denial of service condition. An attacker with local access can cause the Visual Ping application to crash by supplying oversized input data.
This crash can disrupt normal operations, potentially causing loss of availability of the application until it is restarted or fixed.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, avoid supplying oversized data exceeding 4108 bytes into the Host, Time Out, Packet Size, Pause, or Loops fields in Visual Ping 0.8.0.0.
Restrict local access to the application to prevent local attackers from exploiting the buffer overflow.
Consider updating or patching the application if a fixed version becomes available.