Explorer
Monthly
RunZero Explorer versions prior to 4.0.260208.0 allow high-privileged authenticated users to access Explorer groups outside their authorized organization scope, enabling unauthorized cross-organizational information disclosure and potential service disruption. The vulnerability stems from incorrect authorization controls (CWE-863) and requires administrator-level credentials and high attack complexity to exploit. No public exploit code or active exploitation has been identified at time of analysis.
Explorer32++ 1.3.5.531 has a buffer overflow in filename handling that corrupts the SEH chain with filenames over 396 characters. PoC available.
RunZero Explorer versions prior to 4.0.260208.0 allow high-privileged authenticated users to access Explorer groups outside their authorized organization scope, enabling unauthorized cross-organizational information disclosure and potential service disruption. The vulnerability stems from incorrect authorization controls (CWE-863) and requires administrator-level credentials and high attack complexity to exploit. No public exploit code or active exploitation has been identified at time of analysis.
Explorer32++ 1.3.5.531 has a buffer overflow in filename handling that corrupts the SEH chain with filenames over 396 characters. PoC available.