CVE-2018-25427
Stack-Based Buffer Overflow in Arm Whois
Publication date: 2026-06-01
Last updated on: 2026-06-01
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| arm | whois | 3.11 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
Arm Whois 3.11 contains a stack-based buffer overflow vulnerability. This occurs when the application processes input that is larger than expected, specifically when an attacker supplies an input exceeding 658 bytes to the IP address or domain field.
By crafting malicious input with embedded shellcode, an attacker can overwrite the structured exception handler in the program's memory. This allows the attacker to execute arbitrary code remotely on the affected system.
How can this vulnerability impact me? :
This vulnerability can have severe impacts as it allows remote attackers to execute arbitrary code on the affected system without any privileges or user interaction.
Successful exploitation could lead to full system compromise, including unauthorized access, data theft, system manipulation, or disruption of services.