PT-2016-6690 · Delta Electronics · Wplsoft+2

Ariele Caltabiano

Published

2016-12-15

Updated

2017-03-14

CVE-2016-5805

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Delta Electronics WPLSoft versions prior to V2.42.11 Delta Electronics ISPSoft versions prior to 3.02.11 Delta Electronics PMSoft versions prior to 2.10.10

Description The issue is related to multiple instances of heap-based buffer overflows. These overflows may allow malicious files to cause the execution of arbitrary code or a denial of service. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations For Delta Electronics WPLSoft versions prior to V2.42.11, update to version V2.42.11 or later. For Delta Electronics ISPSoft versions prior to 3.02.11, update to version 3.02.11 or later. For Delta Electronics PMSoft versions prior to 2.10.10, update to version 2.10.10 or later.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2016-5805

ZDI-16-648

ZDI-16-649

ZDI-16-650

ZDI-16-651

ZDI-16-653

ZDI-16-654

ZDI-16-655

ZDI-16-656

ZDI-16-657

ZDI-16-658

ZDI-16-659

ZDI-16-661

ZDI-16-662

Affected Products

Ispsoft

Pmsoft

Wplsoft

PT-2016-6690 · Delta Electronics · Wplsoft+2

CVE-2016-5805

Weakness Enumeration

Related Identifiers

Affected Products

References · 16