Helios Software Solutions TextPad
cpe:2.3:a:helios:textpad:*:*:*:*:*:*:*
- <= 8.1.2
A denial-of-service vulnerability has been identified in TextPad version 8.1.2. A local attacker can crash the application by supplying an excessively long string through the Run command interface: pasting a 5000-byte payload into the Command field via the Tools > Run menu triggers a buffer overflow that causes the application to crash.
Exploiting this vulnerability leads to a crash of the TextPad application, causing a denial-of-service condition where the application becomes unresponsive or unavailable.
To reproduce this vulnerability, open TextPad 8.1.2 on a Windows system. Navigate to 'Tools' and select 'Run...'. In the Command field, paste a 5000-byte payload, which can be generated using a simple script that writes a buffer of the required size to a file. After pasting the payload, click 'OK' to execute the command. The application will crash shortly after, demonstrating the denial-of-service condition.