RSS   Vulnerabilities for 'Levistudiou'   RSS

2022-01-14
 
CVE-2021-23138

CWE-787
 

 
WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute code.

 
 
CVE-2021-23157

CWE-787
 

 
WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code.

 
2021-12-13
 
CVE-2021-43983

CWE-787
 

 
WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to multiple stack-based buffer overflow instances while parsing project files, which may allow an attacker to execute arbitrary code.

 
2021-02-23
 
CVE-2020-16243

CWE-787
 

 
Multiple buffer overflow vulnerabilities exist when LeviStudioU (Version 2019-09-21 and prior) processes project files. Opening a specially crafted project file could allow an attacker to exploit and execute code under the privileges of the application.

 
2020-12-09
 
CVE-2020-25199

CWE-787
 

 
A heap-based buffer overflow vulnerability exists within the WECON LeviStudioU Release Build 2019-09-21 and prior when processing project files. Opening a specially crafted project file could allow an attacker to exploit and execute code under the privileges of the application.

 
2019-02-12
 
CVE-2019-6541

CWE-119
 

 
A memory corruption vulnerability has been identified in WECON LeviStudioU version 1.8.56 and prior, which may allow arbitrary code execution. Mat Powell, Ziad Badawi, and Natnael Samson working with Trend Micro's Zero Day Initiative, reported these vulnerabilities to NCCIC.

 
 
CVE-2019-6539

CWE-119
 

 
Several heap-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior have been identified, which may allow arbitrary code execution. Mat Powell, Ziad Badawi, and Natnael Samson working with Trend Micro's Zero Day Initiative, reported these vulnerabilities to NCCIC.

 
 
CVE-2019-6537

CWE-119
 

 
Multiple stack-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior may be exploited when parsing strings within project files. The process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage these vulnerabilities to execute code under the context of the current process. Mat Powell, Ziad Badawi, and Natnael Samson working with Trend Micro's Zero Day Initiative, reported these vulnerabilities to NCCIC.

 
2018-10-09
 
CVE-2018-10614

CWE-611
 

 
An XXE vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be exploited when the application processes specially crafted project XML files.

 
 
CVE-2018-10610

CWE-787
 

 
An out-of-bounds vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be exploited when the application processes specially crafted project files.

 


Copyright 2024, cxsecurity.com

 

Back to Top