CVE-2017-12705 – Advantech WebOP Designer Project File Heap Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-12705
A Heap-Based Buffer Overflow issue was discovered in Advantech WebOP. A maliciously crafted project file may be able to trigger a heap-based buffer overflow, which may crash the process and allow an attacker to execute arbitrary code. Se ha descubierto un problema de desbordamiento de búfer basado en memoria dinámica (heap) en Advantech WebOP. Un archivo de proyecto manipulado con fines maliciosos puede desencadenar un desbordamiento de búfer basado en memoria dinámica (heap), lo que puede provocar el cierre inesperado del proceso y permitir que un atacante ejecute código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebOP Designer. • http://www.securityfocus.com/bid/99476 https://ics-cert.us-cert.gov/advisories/ICSA-17-227-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •