Notepad++ Ruby Source File Processing Buffer Overflow Vulnerability

Notepad++ is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer while importing Ruby source files.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of the user running the affected application.

Notepad++ 4.1 is vulnerable to this issue; previous versions may be affected as well.

Scintilla 1.73 is vulnerable to this issue; other versions and applications that use the vulnerable Scintilla DLL file ('SciLexer.dll') are vulnerable as well.


 

Copyright 2010, SecurityFocus