Code Blocks 17.12 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting a malicious file name with Unicode characters. Attackers can trigger the vulnerability by pasting a specially crafted payload into the file name field during project creation, potentially executing system commands like calc.exe.
20.03+svn13046-0.1, 20.03+svn13046-0.2, 20.03+svn13046-0.3, 20.03+svn13046-0.3~exp1, 20.03+svn13046-0.4, 20.03-3, 20.03-3.1, 25.03+dfsg-1, 25.03+dfsg-2, 20.03+svn13046-0.1, 20.03+svn13046-0.2, 20.03+svn13046-0.3, 20.03+svn13046-0.3~exp1, 20.03+svn13046-0.4, 25.03+dfsg-1, 25.03+dfsg-2, 25.03+dfsg-2

Exploitability: AV:L, AC:L, PR:N, UI:N
Scope: S:U
Impact: C:H, I:H, A:H
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H