Full title: SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow Vulnerability 
Category: local exploits
Platform: windows
SOUND4 LinkAndShare Transmitter version 1.1.2 suffers from a format string memory leak and stack buffer overflow vulnerability because it fails to properly sanitize user supplied input when calling the getenv() function from MSVCR120.DLL resulting in a crash overflowing the memory stack and leaking sensitive information. The attacker can abuse the username environment variable to trigger and potentially execute code on the affected system.

# 0day.today @ http://0day.today/