|
|
|||
| Rule General Information |
|---|
| Release Date: | 2016-05-25 | |
| Rule Name: | WEB-OTHER Codesys Gateway Server Opcode 0x3ef Heap Buffer Overflow Vulnerability (CVE-2015-6460) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Server before 2.3.9.47 allow remote attackers to execute arbitrary code via opcode (1) 0x3ef or (2) 0x3f0. | |
| Impact: | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks includes arbitrary code execution and denial of service. | |
| Affected OS: | Windows | |
| Reference: | ZeroDayInitiative:ZDI-15-441 ZeroDayInitiative:ZDI-15-442 https://ics-cert.us-cert.gov/advisories/ICSA-15-258-02 |
|
| Solutions |
|---|
| More advisories have been published on the website, please visit for more suggestions: http://www.codesys.com/download.html |