Simple Startup Manager Buffer Overflow Vulnerability Allowing Arbitrary Code Execution
Vulnerability
A local buffer overflow vulnerability has been identified in Simple Startup Manager version 1.17. This vulnerability allows attackers to execute arbitrary code by overwriting memory through the 'File' input parameter. By crafting a malicious payload of 268 bytes, attackers can bypass Data Execution Prevention (DEP) and manipulate memory addresses to launch calc.exe.
Impact
Exploitation of this vulnerability allows for arbitrary code execution on the affected system.
Reproduction
The vulnerability can be reproduced by turning off DEP for the Simple Startup Manager application. After opening the application, navigate to the 'File' menu and select 'New'. Paste the crafted payload into the 'File' parameter and click 'OK'. This action will trigger the buffer overflow, resulting in the execution of calc.exe.
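The reproduction above depends on DEP being off for the application, so a defender can check whether any host is in that state. The following PowerShell is an added example, not part of the original advisory; `$ExeName` is a placeholder because the page does not give the application's executable name.

```powershell
# Added example (not from the advisory). $ExeName is a placeholder: the page
# does not give the application's executable name.
param([string]$ExeName = '<application-executable>.exe')

# System-wide DEP policy as reported by WMI.
$policyNames = @{ 0 = 'AlwaysOff'; 1 = 'AlwaysOn'; 2 = 'OptIn'; 3 = 'OptOut' }
$os     = Get-CimInstance -ClassName Win32_OperatingSystem
$policy = $policyNames[[int]$os.DataExecutionPrevention_SupportPolicy]

# Exploit Protection per-program DEP setting (ON, OFF or NOTSET).
$app    = Get-ProcessMitigation -Name $ExeName -ErrorAction SilentlyContinue
$appDep = if ($app) { [string]$app.Dep.Enable } else { 'NOTSET' }

# Classic DEP exception list (System Properties > Data Execution Prevention):
# one registry value per excluded program, named by its full path.
$layers   = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers'
$excluded = @()
$item     = Get-ItemProperty -Path $layers -ErrorAction SilentlyContinue
if ($item) {
    $excluded = @($item.PSObject.Properties |
        Where-Object { $_.Name -like "*\$ExeName" -and $_.Value -match 'DisableNXShowUI' } |
        ForEach-Object { $_.Name })
}

# Collect every condition under which the program may run without DEP.
$findings = @()
if ($policy -eq 'AlwaysOff') {
    $findings += 'System DEP policy is AlwaysOff: no process runs with DEP.'
}
if ($policy -eq 'OptIn') {
    $findings += 'System DEP policy is OptIn: 32-bit programs not built with /NXCOMPAT run without DEP.'
}
if ($appDep -eq 'OFF') {
    $findings += "Exploit Protection turns DEP off for $ExeName."
}
if ($excluded.Count -gt 0) {
    $findings += "DEP exception list contains: $($excluded -join '; ')"
}

[pscustomobject]@{
    Executable      = $ExeName
    SystemDepPolicy = $policy
    AppDepSetting   = $appDep
    ExceptionList   = $excluded
    Findings        = $findings
}
```

An empty `Findings` list means none of the three checked settings disables DEP for the program; it does not show that the overflow itself is fixed.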
