PT-2023-19960 · Cncsoft · Dopsoft

Nattisamson

Publicado

2023-06-01

Atualizado

2023-06-14

CVE-2023-25177

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions CNCSoft-B DOPSoft versions 1.0.0.4 and prior

Description The issue is related to a stack-based buffer overflow, which could allow an attacker to execute arbitrary code.

Recommendations For versions 1.0.0.4 and prior, update to a version that fixes the stack-based buffer overflow issue. As a temporary workaround, consider restricting access to the DOPSoft application to minimize the risk of exploitation.

Correção

Stack Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-121

Identificadores relacionados

CVE-2023-25177

ZDI-23-781

ZDI-23-782

ZDI-23-783

ZDI-23-784

ZDI-23-785

ZDI-23-786

ZDI-23-787

ZDI-23-788

ZDI-23-789

ZDI-23-790

ZDI-23-791

ZDI-23-792

ZDI-23-793

ZDI-23-794

ZDI-23-795

ZDI-23-796

ZDI-23-797

ZDI-23-798

ZDI-23-799

ZDI-23-800

ZDI-23-801

ZDI-23-802

ZDI-23-803

ZDI-23-804

ZDI-23-805

ZDI-23-806

ZDI-23-807

ZDI-23-808

ZDI-23-809

ZDI-23-810

ZDI-23-812

ZDI-23-813

ZDI-23-814

ZDI-23-815

ZDI-23-816

ZDI-23-817

Produtos afetados

Dopsoft

PT-2023-19960 · Cncsoft · Dopsoft

CVE-2023-25177

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 40