Lucene search

IcscertCVE-2016-5781

HistoryJul 12, 2016 - 2:00 a.m.

CVE-2016-5781

2016-07-1202:00:13

CWE-119

icscert

web.nvd.nist.gov

cve-2016-5781

stack-based buffer overflow

wecon levistudio

remote code execution

crafted file

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.039

Percentile

92.0%

JSON

Stack-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file.

Affected configurations

Nvd

Node

weconlevistudioMatch-

VendorProductVersionCPE
weconlevistudio-cpe:2.3:a:wecon:levistudio:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
wecon	levistudio	-	cpe:2.3:a:wecon:levistudio:-:::::::*

References

www.securityfocus.com/bid/91522

ics-cert.us-cert.gov/advisories/ICSA-16-189-01

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.039

Percentile

92.0%

JSON

Related for CVE-2016-5781