RSS   Vulnerabilities for 'Vt-designer'   RSS

2018-11-30
 
CVE-2018-18987

CWE-502
 

 
VT-Designer Version 2.1.7.31 is vulnerable by the program populating objects with user supplied input via a file without first checking for validity, allowing attacker supplied input to be written to known memory locations. This may cause the program to crash or allow remote code execution.

 
 
CVE-2018-18983

CWE-119
 

 
VT-Designer Version 2.1.7.31 is vulnerable by the program reading the contents of a file (which is already in memory) into another heap-based buffer, which may cause the program to crash or allow remote code execution.

 

 >>> Vendor: INVT 2 Products
Studio
Vt-designer


Copyright 2019, cxsecurity.com

 

Back to Top