CVE-2017-9660 – Fuji Electric Monitouch V-SFT Project File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2017-9660

A Heap-Based Buffer Overflow was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. A heap-based buffer overflow vulnerability has been identified, which may cause a crash or allow remote code execution. Se ha descubierto un problema de desbordamiento de búfer basado en memoria dinámica en Fuji Electric Monitouch V-SFT en las versiones anteriores a la 5.4.43.0. Se ha identificado una vulnerabilidad de desbordamiento de búfer basado en memoria dinámica, lo que podría provocar un bloqueo o permitir la ejecución remota de código. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Fuji Electric Monitouch V-SFT. • http://www.securityfocus.com/bid/100265 http://www.zerodayinitiative.com/advisories/ZDI-17-645 https://ics-cert.us-cert.gov/advisories/ICSA-17-222-04 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •