SpotAuditor
cpe:2.3:a:nsauditor:spotauditor:*:*:*:*:*:*:*
- <= 5.2.6
A denial-of-service vulnerability has been identified in SpotAuditor version 5.2.6. The issue is in the registration dialog: a local attacker can crash the application by entering an excessively long string in the Name field. Pasting a buffer of 300 repeated characters into the Name input during the registration process triggers the crash.
Exploitation of this vulnerability leads to a crash of the SpotAuditor application, causing a denial-of-service condition.
To reproduce this vulnerability, first create a text file containing 300 repeated characters. Then, open SpotAuditor and navigate to the registration dialog. Paste the contents of the text file into the Name field, enter a registration key, and click 'OK'. The application will crash, demonstrating the denial-of-service vulnerability.