CVE ID | |
CVSS SCORE | 7.2, AV:L/AC:L/Au:N/C:C/I:C/A:C |
AFFECTED VENDORS |
WECON |
AFFECTED PRODUCTS |
LeviStudio |
TREND MICRO CUSTOMER PROTECTION | Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID ['22101']. For further product information on the TippingPoint IPS: http://www.tippingpoint.com |
VULNERABILITY DETAILS |
The specific flaw exists in the handling of LeviStudio Project files. By providing an overly long BaseSet HMINAME XML attribute, an attacker can overflow a stack-based buffer and execute arbitrary code in the context of the current process. |
ADDITIONAL DETAILS |
12/07/2015 - ZDI disclosed multiple reports for this vendor to ICS-CERT -- Mitigation:
|
DISCLOSURE TIMELINE |
|
CREDIT | Brian Gorenc - HPE Zero Day Initiative |