Security Advisory

CVE-2008-3436

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2008-08-01 14:00:00

Last updated 2024-09-16 18:13:02

Assigner mitre

State PUBLISHED

Description

The GUP generic update process in Notepad++ before 4.8.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.

← Browse all CVEs View on cve.org ↗