CVE-2019-25634

Base64 Decoder · Base64 Decoder

A stack-based buffer overflow in Base64 Decoder allows local attackers to execute arbitrary code via crafted input.

Executive summary

A local buffer overflow vulnerability in Base64 Decoder version 1.1.2 permits arbitrary code execution, requiring immediate software replacement or mitigation.

Vulnerability

The application contains a stack-based buffer overflow that a local attacker can trigger by supplying a specially crafted input file. By overwriting the Structured Exception Handler (SEH) with an egghunter payload, an attacker can achieve arbitrary code execution within the context of the application.

Business impact

With a CVSS score of 8.4, this vulnerability presents a high risk of local privilege escalation or system compromise. If the vulnerable utility is used in automated processing pipelines, an attacker could potentially achieve remote code execution (RCE) by delivering a malicious file to the processing server, leading to full system compromise.

Remediation

Immediate Action: Discontinue the use of Base64 Decoder version 1.1.2 and migrate to a secure, actively maintained alternative.

Proactive Monitoring: Monitor file integrity and execution logs on systems where this utility is installed to detect unexpected process behaviors.

Compensating Controls: Use application whitelisting or restrict execution permissions to prevent unauthorized users from running the vulnerable utility.

Exploitation status

Public Exploit Available: True

Analyst recommendation

Due to the age of the software and the nature of the buffer overflow, remediation should focus on replacing the utility entirely. Organizations should audit their environments to identify and remove this legacy software to eliminate the associated security risk.