|
|||
Rule General Information |
---|
Release Date: | 2016-05-25 | |
Rule Name: | WEB-OTHER Codesys Gateway Server Opcode 0x3ef Heap Buffer Overflow Vulnerability (CVE-2015-6460) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Server before 2.3.9.47 allow remote attackers to execute arbitrary code via opcode (1) 0x3ef or (2) 0x3f0. | |
Impact: | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks includes arbitrary code execution and denial of service. | |
Affected OS: | Windows | |
Reference: | ZeroDayInitiative:ZDI-15-441 ZeroDayInitiative:ZDI-15-442 https://ics-cert.us-cert.gov/advisories/ICSA-15-258-02 |
|
Solutions |
---|
More advisories have been published on the website, please visit for more suggestions: http://www.codesys.com/download.html |