Description
Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a malicious buffer of 700 bytes into the IP address or domain input field to trigger a denial of service condition.
Published: 2026-05-30
Score: 6.9 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Arm Whois 3.11 contains a buffer overflow that can be triggered by a local attacker providing an overly long input string. When an attacker inputs a 700‑byte buffer into the IP address or domain field, the application copies the data into a fixed‑size buffer without bounds checking, causing a crash. The result is a denial of service condition that terminates the program and can require a restart. The weakness is a classic stack based buffer overflow (CWE‑120).

Affected Systems

The affected product is Arm Whois version 3.11, distributed by Armcode. Only this specific version is mentioned in the advisory, and no other versions are referenced as vulnerable.

Risk and Exploitability

The CVSS score of 6.9 indicates a moderate severity. The EPSS score is unavailable, and the vulnerability is not listed in the CISA KEV catalog, suggesting it has not been publicly exploited to a significant extent. The attack vector is local, meaning an attacker must have the ability to run the program on a machine where the software is installed. Once the buffer overflow is triggered, the application crashes, denying service to legitimate users. Overall, the risk is moderate but could be higher in environments where Arm Whois is a critical service and local access can be easily obtained.

Generated by OpenCVE AI on May 30, 2026 at 16:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check Armcode's website or support channels for a patch or updated version of Arm Whois that fixes the buffer overflow.
  • Restrict access to the Arm Whois executable to privileged users only, and disable execution by untrusted or local users.
  • Monitor system logs or application crash reports for repeated crashes, and investigate any sudden termination of the service.

Generated by OpenCVE AI on May 30, 2026 at 16:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 30 May 2026 15:30:00 +0000

Type Values Removed Values Added
Description Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a malicious buffer of 700 bytes into the IP address or domain input field to trigger a denial of service condition.
Title Arm Whois 3.11 Denial of Service via Buffer Overflow
Weaknesses CWE-120
References
Metrics cvssV3_1

{'score': 6.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-30T14:55:26.966Z

Reserved: 2026-05-30T14:21:40.030Z

Link: CVE-2018-25423

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-30T16:17:03.577

Modified: 2026-05-30T16:17:03.577

Link: CVE-2018-25423

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-30T16:30:27Z

Weaknesses