var-201804-0784
Vulnerability from variot
Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash. Mitsubishi E-Designer Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mitsubishi Electric E-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within processing of SetupAlarm sections of a mpa (project specification) file. When parsing the property Font, the process fails to properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute arbitrary code in the context of the Administrator. E-Designer is an E-series programming software from Mitsubishi Electric Europe B.V. Mitsubishi E-Designer is prone to the following vulnerabilities: 1. Multiple stack-based overflow vulnerabilities. 2. Multiple heap-based overflow vulnerabilities. 3. Multiple denial-of-service overflow vulnerabilities. Failed exploit attempts will result in denial-of-service conditions
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "e-designer",
"scope": null,
"trust": 4.2,
"vendor": "mitsubishi electric",
"version": null
},
{
"_id": null,
"model": "e-designer",
"scope": "eq",
"trust": 1.6,
"vendor": "mitsubishielectric",
"version": "7.52"
},
{
"_id": null,
"model": "e-designer",
"scope": "eq",
"trust": 0.8,
"vendor": "mitsubishi electric",
"version": "7.52 build 344"
},
{
"_id": null,
"model": "electric europe b.v. e-designer build",
"scope": "eq",
"trust": 0.6,
"vendor": "mitsubishi",
"version": "7.52344"
},
{
"_id": null,
"model": "electric e-designer build",
"scope": "eq",
"trust": 0.3,
"vendor": "mitsubishi",
"version": "7.52344"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "e designer",
"version": "7.52"
}
],
"sources": [
{
"db": "IVD",
"id": "ba5b1d78-480a-4bc9-a667-e19335367d20"
},
{
"db": "ZDI",
"id": "ZDI-17-508"
},
{
"db": "ZDI",
"id": "ZDI-17-509"
},
{
"db": "ZDI",
"id": "ZDI-17-516"
},
{
"db": "ZDI",
"id": "ZDI-17-514"
},
{
"db": "ZDI",
"id": "ZDI-17-513"
},
{
"db": "ZDI",
"id": "ZDI-17-515"
},
{
"db": "CNVD",
"id": "CNVD-2017-22835"
},
{
"db": "BID",
"id": "100097"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013251"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-865"
},
{
"db": "NVD",
"id": "CVE-2017-9638"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:mitsubishielectric:e-designer",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013251"
}
]
},
"credits": {
"_id": null,
"data": "rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-508"
},
{
"db": "ZDI",
"id": "ZDI-17-509"
},
{
"db": "ZDI",
"id": "ZDI-17-516"
},
{
"db": "ZDI",
"id": "ZDI-17-514"
},
{
"db": "ZDI",
"id": "ZDI-17-513"
},
{
"db": "ZDI",
"id": "ZDI-17-515"
}
],
"trust": 4.2
},
"cve": "CVE-2017-9638",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-9638",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 4.2,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-9638",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2017-22835",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "ba5b1d78-480a-4bc9-a667-e19335367d20",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-9638",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2017-9638",
"trust": 4.2,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2017-9638",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-9638",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2017-22835",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201706-865",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "ba5b1d78-480a-4bc9-a667-e19335367d20",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2017-9638",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "ba5b1d78-480a-4bc9-a667-e19335367d20"
},
{
"db": "ZDI",
"id": "ZDI-17-508"
},
{
"db": "ZDI",
"id": "ZDI-17-509"
},
{
"db": "ZDI",
"id": "ZDI-17-516"
},
{
"db": "ZDI",
"id": "ZDI-17-514"
},
{
"db": "ZDI",
"id": "ZDI-17-513"
},
{
"db": "ZDI",
"id": "ZDI-17-515"
},
{
"db": "CNVD",
"id": "CNVD-2017-22835"
},
{
"db": "VULMON",
"id": "CVE-2017-9638"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013251"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-865"
},
{
"db": "NVD",
"id": "CVE-2017-9638"
}
]
},
"description": {
"_id": null,
"data": "Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash. Mitsubishi E-Designer Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mitsubishi Electric E-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within processing of SetupAlarm sections of a mpa (project specification) file. When parsing the property Font, the process fails to properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute arbitrary code in the context of the Administrator. E-Designer is an E-series programming software from Mitsubishi Electric Europe B.V. Mitsubishi E-Designer is prone to the following vulnerabilities:\n1. Multiple stack-based overflow vulnerabilities. \n2. Multiple heap-based overflow vulnerabilities. \n3. Multiple denial-of-service overflow vulnerabilities. Failed exploit attempts will result in denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9638"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013251"
},
{
"db": "ZDI",
"id": "ZDI-17-508"
},
{
"db": "ZDI",
"id": "ZDI-17-509"
},
{
"db": "ZDI",
"id": "ZDI-17-516"
},
{
"db": "ZDI",
"id": "ZDI-17-514"
},
{
"db": "ZDI",
"id": "ZDI-17-513"
},
{
"db": "ZDI",
"id": "ZDI-17-515"
},
{
"db": "CNVD",
"id": "CNVD-2017-22835"
},
{
"db": "BID",
"id": "100097"
},
{
"db": "IVD",
"id": "ba5b1d78-480a-4bc9-a667-e19335367d20"
},
{
"db": "VULMON",
"id": "CVE-2017-9638"
}
],
"trust": 6.48
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2017-9638",
"trust": 7.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-213-01",
"trust": 3.4
},
{
"db": "BID",
"id": "100097",
"trust": 2.0
},
{
"db": "CNVD",
"id": "CNVD-2017-22835",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201706-865",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013251",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3803",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-17-508",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3808",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-17-509",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3796",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-17-516",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3798",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-17-514",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3799",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-17-513",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3797",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-17-515",
"trust": 0.7
},
{
"db": "IVD",
"id": "BA5B1D78-480A-4BC9-A667-E19335367D20",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2017-9638",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "ba5b1d78-480a-4bc9-a667-e19335367d20"
},
{
"db": "ZDI",
"id": "ZDI-17-508"
},
{
"db": "ZDI",
"id": "ZDI-17-509"
},
{
"db": "ZDI",
"id": "ZDI-17-516"
},
{
"db": "ZDI",
"id": "ZDI-17-514"
},
{
"db": "ZDI",
"id": "ZDI-17-513"
},
{
"db": "ZDI",
"id": "ZDI-17-515"
},
{
"db": "CNVD",
"id": "CNVD-2017-22835"
},
{
"db": "VULMON",
"id": "CVE-2017-9638"
},
{
"db": "BID",
"id": "100097"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013251"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-865"
},
{
"db": "NVD",
"id": "CVE-2017-9638"
}
]
},
"id": "VAR-201804-0784",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "ba5b1d78-480a-4bc9-a667-e19335367d20"
},
{
"db": "CNVD",
"id": "CNVD-2017-22835"
}
],
"trust": 1.675
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "ba5b1d78-480a-4bc9-a667-e19335367d20"
},
{
"db": "CNVD",
"id": "CNVD-2017-22835"
}
]
},
"last_update_date": "2024-11-23T22:00:36.899000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Mitsubishi Electric has issued an update to correct this vulnerability.",
"trust": 4.2,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-213-01"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.mitsubishielectric.co.jp/fa/"
},
{
"title": "Patch for Mitsubishi Electric Europe B.V. E-Designer Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/100854"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-508"
},
{
"db": "ZDI",
"id": "ZDI-17-509"
},
{
"db": "ZDI",
"id": "ZDI-17-516"
},
{
"db": "ZDI",
"id": "ZDI-17-514"
},
{
"db": "ZDI",
"id": "ZDI-17-513"
},
{
"db": "ZDI",
"id": "ZDI-17-515"
},
{
"db": "CNVD",
"id": "CNVD-2017-22835"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013251"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
},
{
"problemtype": "CWE-121",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013251"
},
{
"db": "NVD",
"id": "CVE-2017-9638"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 7.6,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-213-01"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/100097"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9638"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9638"
},
{
"trust": 0.3,
"url": "http://www.mrslim.com/home.asp"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-17-508"
},
{
"db": "ZDI",
"id": "ZDI-17-509"
},
{
"db": "ZDI",
"id": "ZDI-17-516"
},
{
"db": "ZDI",
"id": "ZDI-17-514"
},
{
"db": "ZDI",
"id": "ZDI-17-513"
},
{
"db": "ZDI",
"id": "ZDI-17-515"
},
{
"db": "CNVD",
"id": "CNVD-2017-22835"
},
{
"db": "VULMON",
"id": "CVE-2017-9638"
},
{
"db": "BID",
"id": "100097"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013251"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-865"
},
{
"db": "NVD",
"id": "CVE-2017-9638"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "ba5b1d78-480a-4bc9-a667-e19335367d20",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-17-508",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-17-509",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-17-516",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-17-514",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-17-513",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-17-515",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2017-22835",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2017-9638",
"ident": null
},
{
"db": "BID",
"id": "100097",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013251",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201706-865",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2017-9638",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2017-08-25T00:00:00",
"db": "IVD",
"id": "ba5b1d78-480a-4bc9-a667-e19335367d20",
"ident": null
},
{
"date": "2017-08-01T00:00:00",
"db": "ZDI",
"id": "ZDI-17-508",
"ident": null
},
{
"date": "2017-08-01T00:00:00",
"db": "ZDI",
"id": "ZDI-17-509",
"ident": null
},
{
"date": "2017-08-01T00:00:00",
"db": "ZDI",
"id": "ZDI-17-516",
"ident": null
},
{
"date": "2017-08-01T00:00:00",
"db": "ZDI",
"id": "ZDI-17-514",
"ident": null
},
{
"date": "2017-08-01T00:00:00",
"db": "ZDI",
"id": "ZDI-17-513",
"ident": null
},
{
"date": "2017-08-01T00:00:00",
"db": "ZDI",
"id": "ZDI-17-515",
"ident": null
},
{
"date": "2017-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-22835",
"ident": null
},
{
"date": "2018-04-17T00:00:00",
"db": "VULMON",
"id": "CVE-2017-9638",
"ident": null
},
{
"date": "2017-08-01T00:00:00",
"db": "BID",
"id": "100097",
"ident": null
},
{
"date": "2018-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013251",
"ident": null
},
{
"date": "2017-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-865",
"ident": null
},
{
"date": "2018-04-17T14:29:00.463000",
"db": "NVD",
"id": "CVE-2017-9638",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2017-08-01T00:00:00",
"db": "ZDI",
"id": "ZDI-17-508",
"ident": null
},
{
"date": "2017-08-01T00:00:00",
"db": "ZDI",
"id": "ZDI-17-509",
"ident": null
},
{
"date": "2017-08-01T00:00:00",
"db": "ZDI",
"id": "ZDI-17-516",
"ident": null
},
{
"date": "2017-08-01T00:00:00",
"db": "ZDI",
"id": "ZDI-17-514",
"ident": null
},
{
"date": "2017-08-01T00:00:00",
"db": "ZDI",
"id": "ZDI-17-513",
"ident": null
},
{
"date": "2017-08-01T00:00:00",
"db": "ZDI",
"id": "ZDI-17-515",
"ident": null
},
{
"date": "2017-08-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-22835",
"ident": null
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2017-9638",
"ident": null
},
{
"date": "2017-08-01T00:00:00",
"db": "BID",
"id": "100097",
"ident": null
},
{
"date": "2018-06-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013251",
"ident": null
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-865",
"ident": null
},
{
"date": "2024-11-21T03:36:34.040000",
"db": "NVD",
"id": "CVE-2017-9638",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-865"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Mitsubishi Electric Europe B.V. E-Designer Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "ba5b1d78-480a-4bc9-a667-e19335367d20"
},
{
"db": "CNVD",
"id": "CNVD-2017-22835"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "ba5b1d78-480a-4bc9-a667-e19335367d20"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-865"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…