Short Name |
HTTP:MITSUBISHI-ELECTRIC-SBO |
---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Mitsubishi Electric E-Designer SetupAlarm Font Stack Buffer Overflow |
Release Date |
2017/08/30 |
Update Number |
2985 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
A stack-based buffer overflow vulnerability exists in Mitsubishi's Electric E-Designer. A remote attacker can exploit this vulnerability by enticing a user to visit a maliciously crafted website. This can lead to arbitrary code execution in the context of the affected user.
Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack. This can result in arbitrary code execution, compromised data integrity, denial of service, and system crash.