Описание
Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in Chasys Draw IES before 4.11.02 allows remote attackers to execute arbitrary code via crafted biPlanes and biBitCount fields in a BMP file.
Ссылки
- Exploit
- Vendor Advisory
- Exploit
- Exploit
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 4.10.01 (включая)
Одно из
cpe:2.3:a:jpchacha:chasys_draw_ies:*:*:*:*:*:*:*:*
cpe:2.3:a:jpchacha:chasys_draw_ies:4.00.01:*:*:*:*:*:*:*
cpe:2.3:a:jpchacha:chasys_draw_ies:4.01.01:*:*:*:*:*:*:*
cpe:2.3:a:jpchacha:chasys_draw_ies:4.02.01:*:*:*:*:*:*:*
cpe:2.3:a:jpchacha:chasys_draw_ies:4.03.02:*:*:*:*:*:*:*
cpe:2.3:a:jpchacha:chasys_draw_ies:4.04.01:*:*:*:*:*:*:*
cpe:2.3:a:jpchacha:chasys_draw_ies:4.06.02:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.76868
Высокий
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in Chasys Draw IES before 4.11.02 allows remote attackers to execute arbitrary code via crafted biPlanes and biBitCount fields in a BMP file.
EPSS
Процентиль: 99%
0.76868
Высокий
9.3 Critical
CVSS2
Дефекты
CWE-119