PT-2017-19332 · Delta Electronics · Wplsoft

Publicado

2017-08-24

Atualizado

2019-10-09

CVE-2018-7494

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Delta Electronics WPLSoft versions 2.45.0 and prior

Description The issue concerns a stack-based buffer overflow that occurs when a value larger than the buffer is read from a file into a fixed length stack buffer. This can cause the buffer to be overwritten, potentially allowing remote code execution or causing the application to crash.

Recommendations For versions 2.45.0 and prior, update to a version that fixes this issue, as the current version may allow remote code execution or cause the application to crash due to the buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Stack Overflow

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-121CWE-119

Identificadores relacionados

CVE-2018-7494

ZDI-17-698

Produtos afetados

Wplsoft

PT-2017-19332 · Delta Electronics · Wplsoft

CVE-2018-7494

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5