Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process.
Metrics
Affected Vendors & Products
References
History
Thu, 29 Aug 2024 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Deltaww
Deltaww cncsoft-g2 |
|
Weaknesses | CWE-787 | |
CPEs | cpe:2.3:a:deltaww:cncsoft-g2:2.0.0.5:*:*:*:*:*:*:* | |
Vendors & Products |
Deltaww
Deltaww cncsoft-g2 |
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2024-07-09T21:21:47.678Z
Updated: 2024-08-02T04:33:11.485Z
Reserved: 2024-07-01T18:13:23.097Z
Link: CVE-2024-39880
Vulnrichment
Updated: 2024-08-02T04:33:11.485Z
NVD
Status : Modified
Published: 2024-07-09T22:15:02.740
Modified: 2024-11-21T09:28:29.407
Link: CVE-2024-39880
Redhat
No data.