Sign-up

ID

VAR-201601-0746


TITLE

(0Day) Proface GP-Pro EX Out-Of-Bounds Read Information Disclosure Vulnerability

Trust: 0.7

sources: ZDI: ZDI-16-005

DESCRIPTION

This vulnerability allows remote attackers to disclose information on vulnerable installations of Proface GP-Pro EX. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within BeginPreRead processing. When handling malformed 0x7f77 type fields, it is possible for an attacker to force an out-of-bounds read. An attacker can leverage this vulnerability to disclose arbitrary memory.

Trust: 0.7

sources: ZDI: ZDI-16-005

AFFECTED PRODUCTS

vendor:profacemodel:gp-pro exscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-16-005

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: ZDI-16-005
value: MEDIUM

Trust: 0.7

ZDI: ZDI-16-005
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

sources: ZDI: ZDI-16-005

PATCH

title:This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 120 day deadline.06/25/2015 - ZDI disclosed 4 cases to ICS-CERT06/25/2015 - ICS-CERT acknowledged and provided the ZDI an ICS-VU#10/03/2015 - ZDI asked for an update from ICS-CERT and reminded of the 10/23/2015 due date, asking if a short extension was neededThere was no reply but ZDI granted an extension for the cases.12/09/2015 - ZDI wrote to ICS-CERT to ask the status and notify of the intent to 0-day the reports at EOY-- Mitigation:Given the stated purpose of Proface GP-Pro, and the nature of the vulnerability, the only salient mitigation strategy is to restrict interaction with the application to trusted files.-- Vendor Response Link:url:http://www.schneider-electric.com/ww/en/download/document/sevd-2016-074-01

Trust: 0.7

sources: ZDI: ZDI-16-005

EXTERNAL IDS

db:ZDI_CANid:ZDI-CAN-2959

Trust: 0.7

db:ZDIid:ZDI-16-005

Trust: 0.7

sources: ZDI: ZDI-16-005

REFERENCES

url:http://www.schneider-electric.com/ww/en/download/document/sevd-2016-074-01

Trust: 0.7

sources: ZDI: ZDI-16-005

CREDITS

Brian Gorenc - HP Zero Day Initiative

Trust: 0.7

sources: ZDI: ZDI-16-005

SOURCES

db:ZDIid:ZDI-16-005

LAST UPDATE DATE

2022-05-17T01:43:19.581000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-16-005date:2016-01-08T00:00:00

SOURCES RELEASE DATE

db:ZDIid:ZDI-16-005date:2016-01-08T00:00:00