Primary

Context

Prime95 Buffer Overflow Vulnerability in Proxy Password Field Leading to Denial-of-Service

Vulnerability

Patched

A buffer overflow vulnerability has been identified in Prime95 version 29.4b7, specifically within the PrimeNet connection dialog. This vulnerability allows local attackers to cause a denial-of-service by entering an excessively long string, up to 6000 bytes, in the optional proxy password field. The application crashes when it processes the connection settings, creating a disruption in service.

Impact

Exploitation of this vulnerability leads to a crash of the Prime95 application, causing a denial-of-service condition.

Reproduction

To reproduce this vulnerability, Prime95 version 29.4b7 must be installed on a Windows 7 32-bit system. After launching the application, navigate to 'Test' > 'PrimeNet' > 'Connection'. In the connection dialog, enter some information in the fields until reaching the 'Optional proxy password' field. Paste a 6000-byte payload into this field and click 'Ok'. The application will crash shortly after.

Added: Apr 26, 2026, 10:31 PM

Updated: Apr 26, 2026, 10:31 PM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

0.6

exploitability

4.6

remediation

8.3

relevance

6.8

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

0.6

exploitability

4.6

remediation

8.3

relevance

6.8

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Prime95 Buffer Overflow Vulnerability in Proxy Password Field Leading to Denial-of-Service

Vulnerability

Impact

Reproduction

Affected Products

Mersenne Prime95

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating