PT-2017-19334 · Delta Electronics · Wplsoft

Axt

Published

2017-08-24

Updated

2019-10-09

CVE-2018-7509

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Delta Electronics WPLSoft versions 2.45.0 and prior

Description The issue is related to out-of-bounds write and heap-based buffer overflow in the dvp file parsing functionality, potentially leading to memory corruption or remote code execution.

Recommendations For versions 2.45.0 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2018-7509

ZDI-17-697

ZDI-17-700

ZDI-17-701

Affected Products

Wplsoft

PT-2017-19334 · Delta Electronics · Wplsoft

CVE-2018-7509

Weakness Enumeration

Related Identifiers

Affected Products

References · 7