var-201607-0382
Vulnerability from variot
Heap-based buffer overflow in elcsoft.exe in Eaton ELCSoft 2.4.01 and earlier allows remote authenticated users to execute arbitrary code via a crafted file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within processing of EPC files. Parsing a specially crafted EPC file can cause ELCSoft.exe to overwrite a TList object in memory. An attacker can leverage this vulnerability to execute arbitrary code in the context of the process. Eaton ELCSoft Programming Software is a set of software for configuring programmable logic controllers by Eaton, USA.
A heap buffer overflow vulnerability exists in Eaton ELCSoft Programming Software 2.4.01 and earlier. Eaton ELCSoft Programming Software is prone to multiple buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Failed exploits will result in denial-of-service condition. Eaton ELCSoft 2.4.01 and prior versions are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201607-0382",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "elcsoft",
"scope": "lte",
"trust": 1.8,
"vendor": "eaton",
"version": "2.4.01"
},
{
"model": "elcsoft",
"scope": "eq",
"trust": 0.9,
"vendor": "eaton",
"version": "2.4.01"
},
{
"model": "elcsoft",
"scope": null,
"trust": 0.7,
"vendor": "eaton",
"version": null
},
{
"model": "elcsoft programming software",
"scope": "lte",
"trust": 0.6,
"vendor": "eaton",
"version": "\u003c=2.4.01"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-408"
},
{
"db": "CNVD",
"id": "CNVD-2016-04476"
},
{
"db": "BID",
"id": "91524"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003453"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-672"
},
{
"db": "NVD",
"id": "CVE-2016-4509"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:eaton:elcsoft",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003453"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ariele Caltabiano (kimiya)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-408"
}
],
"trust": 0.7
},
"cve": "CVE-2016-4509",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "CVE-2016-4509",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2016-4509",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-04476",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"id": "CVE-2016-4509",
"impactScore": 3.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-4509",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-4509",
"trust": 0.8,
"value": "Medium"
},
{
"author": "ZDI",
"id": "CVE-2016-4509",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-04476",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201606-672",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-408"
},
{
"db": "CNVD",
"id": "CNVD-2016-04476"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003453"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-672"
},
{
"db": "NVD",
"id": "CVE-2016-4509"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in elcsoft.exe in Eaton ELCSoft 2.4.01 and earlier allows remote authenticated users to execute arbitrary code via a crafted file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within processing of EPC files. Parsing a specially crafted EPC file can cause ELCSoft.exe to overwrite a TList object in memory. An attacker can leverage this vulnerability to execute arbitrary code in the context of the process. Eaton ELCSoft Programming Software is a set of software for configuring programmable logic controllers by Eaton, USA. \n\nA heap buffer overflow vulnerability exists in Eaton ELCSoft Programming Software 2.4.01 and earlier. Eaton ELCSoft Programming Software is prone to multiple buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Failed exploits will result in denial-of-service condition. \nEaton ELCSoft 2.4.01 and prior versions are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4509"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003453"
},
{
"db": "ZDI",
"id": "ZDI-16-408"
},
{
"db": "CNVD",
"id": "CNVD-2016-04476"
},
{
"db": "BID",
"id": "91524"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4509",
"trust": 4.0
},
{
"db": "ICS CERT",
"id": "ICSA-16-182-01",
"trust": 3.3
},
{
"db": "ZDI",
"id": "ZDI-16-408",
"trust": 2.0
},
{
"db": "BID",
"id": "91524",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003453",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3675",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-04476",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201606-672",
"trust": 0.6
},
{
"db": "ZDI",
"id": "ZDI-16-407",
"trust": 0.3
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-408"
},
{
"db": "CNVD",
"id": "CNVD-2016-04476"
},
{
"db": "BID",
"id": "91524"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003453"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-672"
},
{
"db": "NVD",
"id": "CVE-2016-4509"
}
]
},
"id": "VAR-201607-0382",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.15099715
},
"last_update_date": "2024-11-23T22:18:15.258000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ELCSoft Programming Software",
"trust": 0.8,
"url": "http://www.eaton.in/Eaton/ProductsServices/Electrical/ProductsandServices/AutomationandControl/PLCsandHMI-PLCs/ELCSeriesPLCs/ELCSoftProgrammingSoftware/index.htm"
},
{
"title": "Eaton has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-182-01"
},
{
"title": "Patch for Eaton ELCSoft Programming Software Heap Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/78553"
},
{
"title": "Eaton ELCSoft Programming Software Fixes for heap-based buffer overflow vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=62581"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-408"
},
{
"db": "CNVD",
"id": "CNVD-2016-04476"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003453"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-672"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003453"
},
{
"db": "NVD",
"id": "CVE-2016-4509"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-182-01"
},
{
"trust": 1.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-408"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/91524"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4509"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4509"
},
{
"trust": 0.3,
"url": "http://www.eaton.com/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-16-407"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-16-408"
},
{
"db": "CNVD",
"id": "CNVD-2016-04476"
},
{
"db": "BID",
"id": "91524"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003453"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-672"
},
{
"db": "NVD",
"id": "CVE-2016-4509"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-16-408"
},
{
"db": "CNVD",
"id": "CNVD-2016-04476"
},
{
"db": "BID",
"id": "91524"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003453"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-672"
},
{
"db": "NVD",
"id": "CVE-2016-4509"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-07T00:00:00",
"db": "ZDI",
"id": "ZDI-16-408"
},
{
"date": "2016-07-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-04476"
},
{
"date": "2016-06-30T00:00:00",
"db": "BID",
"id": "91524"
},
{
"date": "2016-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003453"
},
{
"date": "2016-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-672"
},
{
"date": "2016-07-03T14:59:06.727000",
"db": "NVD",
"id": "CVE-2016-4509"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-07T00:00:00",
"db": "ZDI",
"id": "ZDI-16-408"
},
{
"date": "2016-07-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-04476"
},
{
"date": "2016-07-08T23:00:00",
"db": "BID",
"id": "91524"
},
{
"date": "2016-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003453"
},
{
"date": "2016-07-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-672"
},
{
"date": "2024-11-21T02:52:22.340000",
"db": "NVD",
"id": "CVE-2016-4509"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-672"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Eaton ELCSoft of elcsoft.exe Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003453"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-672"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…