3 matches found
CVE-2017-2779
An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW 2017, LabVIEW 2016, LabVIEW 2015, and LabVIEW 2014. A specially crafted Virtual Instrument VI file can cause an attacker controlled looping condition resulting in an arbitrary null write. An...
CVE-2017-2779
The CVE-2017-2779 vulnerability affects National Instruments LabVIEW (LabVIEW 2016, 2017, 2015, 2014) where the RSRC segment parsing can be manipulated. In LabVIEW’s RSRC handling, the loop counter and offsets from the RSRC data can be controlled by an attacker via a specially crafted VI file. Th...
Vulnerability Spotlight: Code Execution Vulnerability in LabVIEW
Vulnerability discovered by Cory Duplantis of Cisco Talos.Update: 9/1/17 - National Instruments has published the following advisoryOverviewLabVIEW is a system design and development platform released by National Instruments. The software is widely used to create applications for data acquisition...