Severity: 9.8 CRITICAL
EPSS: 0.6% (top 29.73%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline
Published: May 19
Latest update: May 13

Description

A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A malicious user could overflow the stack buffer by providing overly long strings to functions that handle the XML. Because the function does not verify string size before copying to memory, the attacker may then be able to crash th

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9

Affected Packages (2 packages)

CVEListV5 | 3s-smart_software_solutions_gmbh_codesys_web_server | 3S-Smart Software Solutions GmbH CODESYS Web Server

Vulnerability Details (2)

GHSA | GHSA-86wq-qm2r-82w8: A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server | 2022-05-13
CVEList | CVE-2017-6025: A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server | 2017-05-19
CVE-2017-6025 (CRITICAL CVSS 9.8) | A Stack Buffer Overflow issue was d | cvebase.io