PuTTY before 0.75 on Windows allows remote servers to cause a denial of service (Windows GUI hang) by telling the PuTTY window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. NOTE: the same attack methodology may affect some OS-level GUIs on Linux or other platforms for similar reasons.
Metrics
CVSS Version: 3.1 |
Base Score: 7.5 HIGH Vector: CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N