What is GHSA-phhg-j5g3-4q79?

GHSA-phhg-j5g3-4q79 is a security advisory published by GitHub Security Advisories with Critical severity. Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers...

Which CVE IDs does GHSA-phhg-j5g3-4q79 cover?

GHSA-phhg-j5g3-4q79 covers the following CVE IDs: CVE-2018-25427. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-phhg-j5g3-4q79?

GHSA-phhg-j5g3-4q79 has a CVSS v3 base score of 9.8, published by GitHub Security Advisories.

GHSA-phhg-j5g3-4q79CriticalCVSS 9.8

Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers...

Vendor

GitHub Security Advisories

Published

June 2, 2026

Last Modified

June 2, 2026

🔗 CVE IDs covered (1)

CVE-2018-25427 →

📋 Description

Arm Whois 3.11 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by supplying oversized input to the IP address or domain field. Attackers can craft malicious input exceeding 658 bytes with shellcode to overwrite the structured exception handler and gain command execution when the application processes the input.

🔗 References (6)

https://nvd.nist.gov/vuln/detail/CVE-2018-25427
https://www.exploit-db.com/exploits/45796
https://www.vulncheck.com/advisories/arm-whois-buffer-overflow-via-seh-overwrite
http://www.armcode.com
http://www.armcode.com/downloads/arm-whois.exe
https://github.com/advisories/GHSA-phhg-j5g3-4q79