Notepad++ 6.7.3 - Crash (PoC)

EDB-ID:

37558

CVE:

N/A




Platform:

Windows

Date:

2015-07-10


# Title: Notepad++ - Crash
# Date: 10/07/2015
# Author: Rahul Pratap Singh (@0x62626262)
# Vendor Homepage: https://notepad-plus-plus.org
# Download: https://notepad-plus-plus.org/download/v6.7.3.html
# Version: v6.7.3
# Tested on: Windows_XP_x86 & Windows_7_x86

Incorrect theme file parsing, that leads to crash.

-Create a .xml file with numbereous "A" (around 1000) in it and save as
test.xml
-Go to this directory in windows  "/appdata/roaming/notepad++/themes/" and
paste above test.xml file in this theme folder and restart notepad++
-Now start notepad++ and in menu tab, go in settings and then select style
configurator and now select test file in theme select option
-Now hit "save and close" button, it will crash with an error message

Thanks

Rahul Pratap Singh