The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Notepad++

computer vulnerability announce 28907

Notepad++: buffer overflow via Command-extractArgs

Synthesis of the vulnerability

An attacker can trigger a buffer overflow via Command::extractArgs of Notepad++, in order to trigger a denial of service, and possibly to run code.
Impacted products: Notepad++.
Severity: 2/4.
Consequences: user access/rights, denial of service on client.
Provenance: user shell.
Creation date: 01/04/2019.
Identifiers: VIGILANCE-VUL-28907.

Description of the vulnerability

An attacker can trigger a buffer overflow via Command::extractArgs of Notepad++, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 22052

Notepad++: code execution via SciLexer.dll

Synthesis of the vulnerability

An attacker can, on a compromised computer, replace the SciLexer.dll DLL by a malicious version, in order to run code when the user starts Notepad++.
Impacted products: Notepad++.
Severity: 1/4.
Consequences: user access/rights.
Provenance: user shell.
Creation date: 09/03/2017.
Identifiers: VIGILANCE-VUL-22052.

Description of the vulnerability

An attacker can, on a compromised computer, replace the SciLexer.dll DLL by a malicious version, in order to run code when the user starts Notepad++.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert 20851

Notepad++: executing DLL code via SciLexer.dll

Synthesis of the vulnerability

An attacker can create a malicious SciLexer.dll DLL, and then put it in the current directory of Notepad++, in order to execute code.
Impacted products: Notepad++.
Severity: 2/4.
Consequences: user access/rights.
Provenance: intranet server.
Creation date: 12/10/2016.
Identifiers: VIGILANCE-VUL-20851.

Description of the vulnerability

The Notepad++ product uses external shared libraries (DLL).

However, if the working directory contains a malicious SciLexer.dll DLL, it is automatically loaded.

An attacker can therefore create a malicious SciLexer.dll DLL, and then put it in the current directory of Notepad++, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2016-2542

Flexera InstallShield, JRSoft Inno Setup: code execution via DLL-planting

Synthesis of the vulnerability

An attacker can create a malicious DLL for Flexera InstallShield or JRSoft Inno Setup, in order to run code with administrator privileges.
Impacted products: NetWorker, FortiClient, DB2 UDB, Notes, Tivoli Storage Manager, WebSphere MQ, Notepad++, PuTTY, X2GoClient.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: document.
Creation date: 09/05/2016.
Revisions dates: 02/06/2016, 06/07/2016.
Identifiers: 1610582, 1978168, 1978363, 1979808, 1980839, 1982467, 1982741, 1982809, 1983796, 1983797, 1983813, 1983814, 1983815, 1984184, 1984743, 1984863, 494999, CVE-2016-2542, ESA-2017-008, FG-IR-16-046, VIGILANCE-VUL-19558.

Description of the vulnerability

The products Flexera InstallShield and JRSoft Inno Setup are used to create installation program for software packages.

In some cases, the generated programs load extension modules the name and possible locations depend on the considered package. However, in some cases, the installer looks for these extension DLL in folders which are writeable by unprivileged users, while the installation program that loads and run this DLL is expected to be run by an administrator. A typical case of this is the download folder of a browser. One should note that these installers are expected to be run only a few times, so possibilities of exploit attempts are rare.

This bug has also been reported for other products in the bulletin VIGILANCE-VUL-18671.

An attacker can therefore create a malicious DLL for Flexera InstallShield or JRSoft Inno Setup, in order to run code with administrator privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce 18567

Notepad++: buffer overflow of NppFTP

Synthesis of the vulnerability

An attacker can generate a buffer overflow in NppFTP of Notepad++, in order to trigger a denial of service, and possibly to run code.
Impacted products: Notepad++.
Severity: 2/4.
Consequences: user access/rights, denial of service on client.
Provenance: intranet server.
Creation date: 21/12/2015.
Identifiers: VIGILANCE-VUL-18567.

Description of the vulnerability

The NppFTP plugin can be installed on Notepad++ in order to connect to a FTP service.

The FTP LIST command obtains a directory listing from the server. However, if the FTP server returns a large group name, an overflow occurs in the NppFTP client.

An attacker can therefore generate a buffer overflow in NppFTP of Notepad++, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 17732

Notepad++: buffer overflow of recent files

Synthesis of the vulnerability

An attacker can generate a buffer overflow with a recent file of Notepad++, in order to trigger a denial of service, and possibly to run code.
Impacted products: Notepad++.
Severity: 2/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Creation date: 21/08/2015.
Identifiers: VIGILANCE-VUL-17732.

Description of the vulnerability

The Notepad++ product records recent files.

However, when a recent file is opened, if the size of data is greater than the size of the storage array, an overflow occurs.

An attacker can therefore generate a buffer overflow with a recent file of Notepad++, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2014-9456

NotePad++: buffer overflow of url

Synthesis of the vulnerability

An attacker can generate a buffer overflow via an url in NotePad++, in order to trigger a denial of service, and possibly to execute code.
Impacted products: Notepad++.
Severity: 2/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 23/12/2014.
Identifiers: CVE-2014-1004-REJECT, CVE-2014-9456, VIGILANCE-VUL-15874.

Description of the vulnerability

The NotePad++ product is used to edit XML files.

However, the edition of an XML file containing an url with a long server name triggers an overflow.

An attacker can therefore generate a buffer overflow via an url in NotePad++, in order to trigger a denial of service, and possibly to execute code.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Notepad++: