PT-2017-18033 · Microsoft+1 · Windows+1

Published

2017-05-09

Updated

2017-05-23

CVE-2017-7967

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions VAMPSET versions prior to V2.2.189

Description The issue occurs when a corrupted vf2 file is used, causing memory corruption. This leads to the software halting or failing to start when attempting to open the corrupted file. The vulnerability is triggered by intentionally malformed fill settings in a standalone state, without connection to a protection relay. It is not considered remotely exploitable and does not affect the operation of the connected protection relay. The Windows operating system remains operational, and VAMPSET can be shut down normally.

Recommendations For versions prior to V2.2.189, update to version V2.2.189 or later to resolve the issue.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2017-7967

Affected Products

Vampset

Windows

PT-2017-18033 · Microsoft+1 · Windows+1

CVE-2017-7967

Weakness Enumeration

Related Identifiers

Affected Products

References · 4