Delta Electronics PMSoft CVE-2018-8839 Multiple Stack Based Buffer Overflow Vulnerabilities

Bugtraq ID:	104013
Class:	Boundary Condition Error
CVE:	CVE-2018-8839
Remote:	Yes
Local:	No
Published:	Apr 26 2018 12:00AM
Updated:	Apr 26 2018 12:00AM
Credit:	Ghirmay Desta, working with Trend Micro�??s Zero Day Initiative
Vulnerable:	Delta Electronics INC PMSoft 2.10
Not Vulnerable:	Delta Electronics INC PMSoft 2.11

Delta Electronics PMSoft CVE-2018-8839 Multiple Stack Based Buffer Overflow Vulnerabilities

Delta Electronics PMSoft is prone to multiple stack-based buffer-overflow vulnerabilities.

Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions.

Delta Electronics PMSoft version 2.10 and prior versions are vulnerable.

Delta Electronics PMSoft CVE-2018-8839 Multiple Stack Based Buffer Overflow Vulnerabilities

References:

• Delta Electronics Homepage (Delta Electronics)
  
• ICSA-18-116-01: Delta Electronics PMSoft (ICS CERT)