CVE-2016-5814 – Rockwell Automation RSLogix Micro Starter Lite Project File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2016-5814

Buffer overflow in Rockwell Automation RSLogix Micro Starter Lite, RSLogix Micro Developer, RSLogix 500 Starter Edition, RSLogix 500 Standard Edition, and RSLogix 500 Professional Edition allows remote attackers to execute arbitrary code via a crafted RSS project file. Desbordamiento de búfer en Rockwell Automation RSLogix Micro Starter Lite, RSLogix Micro Developer, RSLogix 500 Starter Edition, RSLogix 500 Standard Edition y RSLogix 500 Professional Edition permite a atacantes remotos ejecutar código arbitrario a través de un archivo de proyecto RSS manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Rockwell Automation RSLogix Micro Starter Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of a RSS (project) file. The issue lies in the failure to properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. • http://www.securityfocus.com/bid/92983 https://ics-cert.us-cert.gov/advisories/ICSA-16-224-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •