A stack-based buffer overflow vulnerability exists in Notepad++ version 8.9.3 in the file drop handler component. When a user drags and drops a directory path of exactly 259 characters without a trailing backslash, the application appends a backslash and null terminator without proper bounds checking, resulting in a stack buffer overflow and application crash (STATUS_STACK_BUFFER_OVERRUN).
Attack Parameters
Attack Vector
Local
Requires local access
Attack Complexity
High
Difficult to exploit
Privileges Required
Low
Basic privileges needed
User Interaction
Required
User action required
Impact Assessment
Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
None
No disruption
CVSS Vector v3.1
Weakness Type (CWE)
References 3
https://github.com/notepad-plus-plus/notepad-plus-plus/commit/bfe7514d68bc55953…
33c584b5-0579-4c06-b2a0-8d8329fcab9c
https://github.com/notepad-plus-plus/notepad-plus-plus/issues/17921
33c584b5-0579-4c06-b2a0-8d8329fcab9c
https://github.com/notepad-plus-plus/notepad-plus-plus/pull/17930
33c584b5-0579-4c06-b2a0-8d8329fcab9c