var-201702-0423
Vulnerability from variot
An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoft, Versions prior to 3.02.11, and PMSoft, Versions prior to2.10.10. There are multiple instances of heap-based buffer overflows that may allow malicious files to cause the execution of arbitrary code or a denial of service. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation WPLSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of data from a LAD file. A crafted length element can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute arbitrary code under the context of the process. Delta Electronics WPLSoft and others are software control platforms used by Delta Electronics to edit the Delta DVP series of programmable logic controllers (PLCs). A heap buffer overflow vulnerability exists in several Delta Electronics products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-0423",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wplsoft",
"scope": null,
"trust": 6.3,
"vendor": "delta industrial automation",
"version": null
},
{
"model": "ispsoft",
"scope": null,
"trust": 2.1,
"vendor": "delta industrial automation",
"version": null
},
{
"model": "ispsoft",
"scope": "eq",
"trust": 1.6,
"vendor": "delta",
"version": null
},
{
"model": "pmsoft",
"scope": "eq",
"trust": 1.6,
"vendor": "delta",
"version": null
},
{
"model": "wplsoft",
"scope": "eq",
"trust": 1.6,
"vendor": "delta",
"version": null
},
{
"model": "electronics inc ispsoft",
"scope": "eq",
"trust": 0.9,
"vendor": "delta",
"version": "3.0"
},
{
"model": "electronics inc pmsoft",
"scope": "eq",
"trust": 0.9,
"vendor": "delta",
"version": "2.0"
},
{
"model": "electronics inc wplsoft",
"scope": "eq",
"trust": 0.9,
"vendor": "delta",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "ispsoft",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "pmsoft",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wplsoft",
"version": null
},
{
"model": "electronics inc wplsoft",
"scope": "ne",
"trust": 0.3,
"vendor": "delta",
"version": "2.42.11"
},
{
"model": "electronics inc pmsoft",
"scope": "ne",
"trust": 0.3,
"vendor": "delta",
"version": "2.10.10"
},
{
"model": "electronics inc ispsoft",
"scope": "ne",
"trust": 0.3,
"vendor": "delta",
"version": "3.02.11"
}
],
"sources": [
{
"db": "IVD",
"id": "c1b2c178-9e7c-41ad-b334-53f292b6a7f0"
},
{
"db": "IVD",
"id": "e300285f-39ab-11e9-9115-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-16-661"
},
{
"db": "ZDI",
"id": "ZDI-16-648"
},
{
"db": "ZDI",
"id": "ZDI-16-653"
},
{
"db": "ZDI",
"id": "ZDI-16-659"
},
{
"db": "ZDI",
"id": "ZDI-16-649"
},
{
"db": "ZDI",
"id": "ZDI-16-651"
},
{
"db": "ZDI",
"id": "ZDI-16-656"
},
{
"db": "ZDI",
"id": "ZDI-16-650"
},
{
"db": "ZDI",
"id": "ZDI-16-654"
},
{
"db": "ZDI",
"id": "ZDI-16-658"
},
{
"db": "ZDI",
"id": "ZDI-16-662"
},
{
"db": "ZDI",
"id": "ZDI-16-657"
},
{
"db": "CNVD",
"id": "CNVD-2016-12683"
},
{
"db": "BID",
"id": "94887"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-509"
},
{
"db": "NVD",
"id": "CVE-2016-5805"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:delta_electronics:pmsoft:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:delta_electronics:ispsoft:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:delta_electronics:wplsoft:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5805"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "axt",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-661"
},
{
"db": "ZDI",
"id": "ZDI-16-648"
},
{
"db": "ZDI",
"id": "ZDI-16-653"
},
{
"db": "ZDI",
"id": "ZDI-16-659"
},
{
"db": "ZDI",
"id": "ZDI-16-649"
},
{
"db": "ZDI",
"id": "ZDI-16-651"
},
{
"db": "ZDI",
"id": "ZDI-16-656"
},
{
"db": "ZDI",
"id": "ZDI-16-650"
},
{
"db": "ZDI",
"id": "ZDI-16-654"
},
{
"db": "ZDI",
"id": "ZDI-16-658"
},
{
"db": "ZDI",
"id": "ZDI-16-662"
},
{
"db": "ZDI",
"id": "ZDI-16-657"
}
],
"trust": 8.4
},
"cve": "CVE-2016-5805",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-5805",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 7.0,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2016-5805",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CVE-2016-5805",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-12683",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "c1b2c178-9e7c-41ad-b334-53f292b6a7f0",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "e300285f-39ab-11e9-9115-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-94624",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2016-5805",
"trust": 7.7,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-5805",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2016-5805",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-12683",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201612-509",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c1b2c178-9e7c-41ad-b334-53f292b6a7f0",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e300285f-39ab-11e9-9115-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-94624",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c1b2c178-9e7c-41ad-b334-53f292b6a7f0"
},
{
"db": "IVD",
"id": "e300285f-39ab-11e9-9115-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-16-661"
},
{
"db": "ZDI",
"id": "ZDI-16-648"
},
{
"db": "ZDI",
"id": "ZDI-16-653"
},
{
"db": "ZDI",
"id": "ZDI-16-659"
},
{
"db": "ZDI",
"id": "ZDI-16-649"
},
{
"db": "ZDI",
"id": "ZDI-16-651"
},
{
"db": "ZDI",
"id": "ZDI-16-656"
},
{
"db": "ZDI",
"id": "ZDI-16-650"
},
{
"db": "ZDI",
"id": "ZDI-16-654"
},
{
"db": "ZDI",
"id": "ZDI-16-658"
},
{
"db": "ZDI",
"id": "ZDI-16-662"
},
{
"db": "ZDI",
"id": "ZDI-16-657"
},
{
"db": "CNVD",
"id": "CNVD-2016-12683"
},
{
"db": "VULHUB",
"id": "VHN-94624"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-509"
},
{
"db": "NVD",
"id": "CVE-2016-5805"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoft, Versions prior to 3.02.11, and PMSoft, Versions prior to2.10.10. There are multiple instances of heap-based buffer overflows that may allow malicious files to cause the execution of arbitrary code or a denial of service. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation WPLSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of data from a LAD file. A crafted length element can trigger an overflow of a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute arbitrary code under the context of the process. Delta Electronics WPLSoft and others are software control platforms used by Delta Electronics to edit the Delta DVP series of programmable logic controllers (PLCs). A heap buffer overflow vulnerability exists in several Delta Electronics products",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5805"
},
{
"db": "ZDI",
"id": "ZDI-16-651"
},
{
"db": "ZDI",
"id": "ZDI-16-657"
},
{
"db": "ZDI",
"id": "ZDI-16-662"
},
{
"db": "ZDI",
"id": "ZDI-16-658"
},
{
"db": "ZDI",
"id": "ZDI-16-654"
},
{
"db": "ZDI",
"id": "ZDI-16-656"
},
{
"db": "ZDI",
"id": "ZDI-16-650"
},
{
"db": "ZDI",
"id": "ZDI-16-649"
},
{
"db": "ZDI",
"id": "ZDI-16-659"
},
{
"db": "ZDI",
"id": "ZDI-16-653"
},
{
"db": "ZDI",
"id": "ZDI-16-648"
},
{
"db": "ZDI",
"id": "ZDI-16-661"
},
{
"db": "CNVD",
"id": "CNVD-2016-12683"
},
{
"db": "BID",
"id": "94887"
},
{
"db": "IVD",
"id": "e300285f-39ab-11e9-9115-000c29342cb1"
},
{
"db": "IVD",
"id": "c1b2c178-9e7c-41ad-b334-53f292b6a7f0"
},
{
"db": "VULHUB",
"id": "VHN-94624"
}
],
"trust": 9.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-5805",
"trust": 11.4
},
{
"db": "BID",
"id": "94887",
"trust": 2.6
},
{
"db": "ICS CERT",
"id": "ICSA-16-348-03",
"trust": 2.6
},
{
"db": "CNNVD",
"id": "CNNVD-201612-509",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2016-12683",
"trust": 1.0
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3915",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-661",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3865",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-648",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3930",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-653",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3916",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-659",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3859",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-649",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3909",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-651",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3911",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-656",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3860",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-650",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3931",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-654",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3913",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-658",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-4016",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-662",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3912",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-16-657",
"trust": 0.7
},
{
"db": "IVD",
"id": "C1B2C178-9E7C-41AD-B334-53F292B6A7F0",
"trust": 0.2
},
{
"db": "IVD",
"id": "E300285F-39AB-11E9-9115-000C29342CB1",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-94624",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "c1b2c178-9e7c-41ad-b334-53f292b6a7f0"
},
{
"db": "IVD",
"id": "e300285f-39ab-11e9-9115-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-16-661"
},
{
"db": "ZDI",
"id": "ZDI-16-648"
},
{
"db": "ZDI",
"id": "ZDI-16-653"
},
{
"db": "ZDI",
"id": "ZDI-16-659"
},
{
"db": "ZDI",
"id": "ZDI-16-649"
},
{
"db": "ZDI",
"id": "ZDI-16-651"
},
{
"db": "ZDI",
"id": "ZDI-16-656"
},
{
"db": "ZDI",
"id": "ZDI-16-650"
},
{
"db": "ZDI",
"id": "ZDI-16-654"
},
{
"db": "ZDI",
"id": "ZDI-16-658"
},
{
"db": "ZDI",
"id": "ZDI-16-662"
},
{
"db": "ZDI",
"id": "ZDI-16-657"
},
{
"db": "CNVD",
"id": "CNVD-2016-12683"
},
{
"db": "VULHUB",
"id": "VHN-94624"
},
{
"db": "BID",
"id": "94887"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-509"
},
{
"db": "NVD",
"id": "CVE-2016-5805"
}
]
},
"id": "VAR-201702-0423",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c1b2c178-9e7c-41ad-b334-53f292b6a7f0"
},
{
"db": "IVD",
"id": "e300285f-39ab-11e9-9115-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2016-12683"
},
{
"db": "VULHUB",
"id": "VHN-94624"
}
],
"trust": 1.7291666650000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "c1b2c178-9e7c-41ad-b334-53f292b6a7f0"
},
{
"db": "IVD",
"id": "e300285f-39ab-11e9-9115-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2016-12683"
}
]
},
"last_update_date": "2024-07-23T22:40:53.160000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Delta Industrial Automation has issued an update to correct this vulnerability.",
"trust": 8.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-348-03"
},
{
"title": "Patches for Multiple Delta Electronics Product Heap Buffer Overflow Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/86302"
},
{
"title": "Multiple Delta Electronics Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=66543"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-661"
},
{
"db": "ZDI",
"id": "ZDI-16-648"
},
{
"db": "ZDI",
"id": "ZDI-16-653"
},
{
"db": "ZDI",
"id": "ZDI-16-659"
},
{
"db": "ZDI",
"id": "ZDI-16-649"
},
{
"db": "ZDI",
"id": "ZDI-16-651"
},
{
"db": "ZDI",
"id": "ZDI-16-656"
},
{
"db": "ZDI",
"id": "ZDI-16-650"
},
{
"db": "ZDI",
"id": "ZDI-16-654"
},
{
"db": "ZDI",
"id": "ZDI-16-658"
},
{
"db": "ZDI",
"id": "ZDI-16-662"
},
{
"db": "ZDI",
"id": "ZDI-16-657"
},
{
"db": "CNVD",
"id": "CNVD-2016-12683"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-509"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-94624"
},
{
"db": "NVD",
"id": "CVE-2016-5805"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 10.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-348-03"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/94887"
},
{
"trust": 0.6,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-348-03#footnotea_6tkr584"
},
{
"trust": 0.3,
"url": "http://www.deltaww.com/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-661"
},
{
"db": "ZDI",
"id": "ZDI-16-648"
},
{
"db": "ZDI",
"id": "ZDI-16-653"
},
{
"db": "ZDI",
"id": "ZDI-16-659"
},
{
"db": "ZDI",
"id": "ZDI-16-649"
},
{
"db": "ZDI",
"id": "ZDI-16-651"
},
{
"db": "ZDI",
"id": "ZDI-16-656"
},
{
"db": "ZDI",
"id": "ZDI-16-650"
},
{
"db": "ZDI",
"id": "ZDI-16-654"
},
{
"db": "ZDI",
"id": "ZDI-16-658"
},
{
"db": "ZDI",
"id": "ZDI-16-662"
},
{
"db": "ZDI",
"id": "ZDI-16-657"
},
{
"db": "CNVD",
"id": "CNVD-2016-12683"
},
{
"db": "VULHUB",
"id": "VHN-94624"
},
{
"db": "BID",
"id": "94887"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-509"
},
{
"db": "NVD",
"id": "CVE-2016-5805"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c1b2c178-9e7c-41ad-b334-53f292b6a7f0"
},
{
"db": "IVD",
"id": "e300285f-39ab-11e9-9115-000c29342cb1"
},
{
"db": "ZDI",
"id": "ZDI-16-661"
},
{
"db": "ZDI",
"id": "ZDI-16-648"
},
{
"db": "ZDI",
"id": "ZDI-16-653"
},
{
"db": "ZDI",
"id": "ZDI-16-659"
},
{
"db": "ZDI",
"id": "ZDI-16-649"
},
{
"db": "ZDI",
"id": "ZDI-16-651"
},
{
"db": "ZDI",
"id": "ZDI-16-656"
},
{
"db": "ZDI",
"id": "ZDI-16-650"
},
{
"db": "ZDI",
"id": "ZDI-16-654"
},
{
"db": "ZDI",
"id": "ZDI-16-658"
},
{
"db": "ZDI",
"id": "ZDI-16-662"
},
{
"db": "ZDI",
"id": "ZDI-16-657"
},
{
"db": "CNVD",
"id": "CNVD-2016-12683"
},
{
"db": "VULHUB",
"id": "VHN-94624"
},
{
"db": "BID",
"id": "94887"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-509"
},
{
"db": "NVD",
"id": "CVE-2016-5805"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-21T00:00:00",
"db": "IVD",
"id": "c1b2c178-9e7c-41ad-b334-53f292b6a7f0"
},
{
"date": "2016-12-21T00:00:00",
"db": "IVD",
"id": "e300285f-39ab-11e9-9115-000c29342cb1"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-661"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-648"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-653"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-659"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-649"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-651"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-656"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-650"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-654"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-658"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-662"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-657"
},
{
"date": "2016-12-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-12683"
},
{
"date": "2017-02-13T00:00:00",
"db": "VULHUB",
"id": "VHN-94624"
},
{
"date": "2016-12-14T00:00:00",
"db": "BID",
"id": "94887"
},
{
"date": "2016-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-509"
},
{
"date": "2017-02-13T21:59:00.393000",
"db": "NVD",
"id": "CVE-2016-5805"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-661"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-648"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-653"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-659"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-649"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-651"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-656"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-650"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-654"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-658"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-662"
},
{
"date": "2016-12-15T00:00:00",
"db": "ZDI",
"id": "ZDI-16-657"
},
{
"date": "2018-11-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-12683"
},
{
"date": "2017-03-14T00:00:00",
"db": "VULHUB",
"id": "VHN-94624"
},
{
"date": "2016-12-20T01:09:00",
"db": "BID",
"id": "94887"
},
{
"date": "2016-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201612-509"
},
{
"date": "2017-03-14T19:01:27.053000",
"db": "NVD",
"id": "CVE-2016-5805"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201612-509"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Delta Industrial Automation WPLSoft DVP File Parsing Heap-Based Buffer Overflow Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-648"
},
{
"db": "ZDI",
"id": "ZDI-16-656"
},
{
"db": "ZDI",
"id": "ZDI-16-657"
}
],
"trust": 2.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "c1b2c178-9e7c-41ad-b334-53f292b6a7f0"
},
{
"db": "IVD",
"id": "e300285f-39ab-11e9-9115-000c29342cb1"
},
{
"db": "CNNVD",
"id": "CNNVD-201612-509"
}
],
"trust": 1.0
}
}
Loading...