CVE-2012-2915

Name of the Vulnerable Software and Affected Versions Lattice Semiconductor PAC-Designer version 6.2.1344

Description A stack-based buffer overflow issue allows remote attackers to execute arbitrary code via a long string in a Value tag in a SymbolicSchematicData definition tag in PAC Design (.pac) files.

Recommendations For version 6.2.1344, consider avoiding the use of long strings in the Value tag until a patch is available. As a temporary workaround, restrict the processing of PAC Design files from untrusted sources to minimize the risk of exploitation.