CVE-2017-12704

Summary

A heap-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to the heap-based buffer, which could allow an attacker to execute arbitrary code under the context of the process.

Affected Software

VendorProductVersion RangeStatus
n/aAdvantech WebAccessAdvantech WebAccessaffected

Weaknesses

  • CWE-122: CWE-122

ADP Enrichment

CVE Program Container

Additional References

References