PT-2016-6687 · Delta Electronics · Wplsoft+2

Ariele Caltabiano

Published

2016-12-15

Updated

2017-03-14

CVE-2016-5802

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Delta Electronics WPLSoft versions prior to V2.42.11 Delta Electronics ISPSoft versions prior to 3.02.11 Delta Electronics PMSoft versions prior to 2.10.10

Description An issue was discovered in the software, where multiple instances of out-of-bounds write conditions may allow malicious files to be read and executed by the affected software. This could potentially lead to remote code execution.

Recommendations For Delta Electronics WPLSoft versions prior to V2.42.11, update to version V2.42.11 or later. For Delta Electronics ISPSoft versions prior to 3.02.11, update to version 3.02.11 or later. For Delta Electronics PMSoft versions prior to 2.10.10, update to version 2.10.10 or later.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2016-5802

ZDI-16-646

ZDI-16-647

ZDI-16-652

ZDI-16-660

ZDI-16-663

Affected Products

Ispsoft

Pmsoft

Wplsoft

PT-2016-6687 · Delta Electronics · Wplsoft+2

CVE-2016-5802

Weakness Enumeration

Related Identifiers

Affected Products

References · 8