QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2019-6537

Back to search

CVE-2019-6537

Published: Feb 13, 2019

Modified: Sep 16, 2024

PUBLISHED

Description

Multiple stack-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior may be exploited when parsing strings within project files. The process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage these vulnerabilities to execute code under the context of the current process. Mat Powell, Ziad Badawi, and Natnael Samson working with Trend Micro's Zero Day Initiative, reported these vulnerabilities to NCCIC.

VendorProductVersions

ICS-CERT

WECON LeviStudioU

affected
LeviStudioU Versions 1.8.56 and prior

Weaknesses (CWE)

CWE-121

References

106861
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now