PT-2019-11103 · Schneider Electric · Zelio Soft 2

Mdm

Publicado

2019-01-09

Atualizado

2019-10-09

CVE-2018-7817

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Zelio Soft 2 versions prior to 5.1

Description: A Use After Free issue exists which could cause remote code execution when opening a specially crafted Zelio Soft project file. This issue is related to the parsing of Zelio Soft 2 ZM2 files.

Recommendations: For versions prior to 5.1, update to a version that contains a fix for this issue to prevent remote code execution when opening specially crafted project files.

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

CVE-2018-7817

ZDI-19-004

ZDI-19-005

Produtos afetados

Zelio Soft 2

PT-2019-11103 · Schneider Electric · Zelio Soft 2

CVE-2018-7817

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7