CVE-2018-25378
BaseFortify
Publication date: 2026-05-25
Last updated on: 2026-05-25
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-789 | The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Notebook Pro 2.0 and is a denial of service issue. It allows local attackers to crash the application by entering an excessively long string in the notebook name field.
An attacker can create a malicious text file containing 500 or more characters, then paste this content into the New Notebook Name field. When the attacker attempts to create and save the notebook with this long name, the application crashes.
How can this vulnerability impact me? :
This vulnerability can cause the Notebook Pro 2.0 application to crash, resulting in a denial of service. This means legitimate users may be unable to use the application while it is crashed.
Since the attack requires local access, an attacker with local access can disrupt normal operations by triggering the crash.