KillProcess File Processing Long FileDescription Overflow
Local Access Required
Loss of Integrity
A local overflow exists in KillProcess. The application fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted *.exe file containing an overly long 'FileDescription' string in the version resource, a malicious user can cause arbitrary code execution resulting in a loss of integrity.
Upgrade to version 2.21 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.