CVE-2015-1007

Name of the Vulnerable Software and Affected Versions Opto 22 PAC Project Professional versions prior to R9.4008 PAC Project Basic versions prior to R9.4008 PAC Display Basic versions prior to R9.4g PAC Display Professional versions prior to R9.4g OptoOPCServer version R9.4c and prior OptoDataLink version R9.4d and prior

Description A specially crafted configuration file could be used to cause a stack-based buffer overflow condition in the OPCTest.exe, which may allow remote code execution.

Recommendations For Opto 22 PAC Project Professional versions prior to R9.4008, upgrade to version R9.4008 or later. For PAC Project Basic versions prior to R9.4008, upgrade to version R9.4008 or later. For PAC Display Basic versions prior to R9.4g, upgrade to version R9.4g or later. For PAC Display Professional versions prior to R9.4g, upgrade to version R9.4g or later. For OptoOPCServer version R9.4c and prior, upgrade to a version later than R9.4c. For OptoDataLink version R9.4d and prior, upgrade to a version later than R9.4d.