Details of VAR-201908-2054

ID

VAR-201908-2054

TITLE

Delta TPEditor tpe project file has a memory corruption vulnerability

Trust: 0.6

sources: CNVD: CNVD-2019-27257

DESCRIPTION

Delta TPEditor is a man-machine interface programming software. The Delta TPEditor tpe project file has a memory corruption vulnerability. The attacker can trick the user who installed TPEditor to open the malicious tpe file, and then trigger the execution of malicious code on the user's system or cause the program to initiate a denial of service attack

Trust: 0.72

sources: CNVD: CNVD-2019-27257 // IVD: cf491a94-cb2d-42d4-b4d0-3c717a6ad18b

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: cf491a94-cb2d-42d4-b4d0-3c717a6ad18b // CNVD: CNVD-2019-27257

AFFECTED PRODUCTS

vendor:	delta management	model:	tpeditor	scope:	eq	version:	1.94	Trust: 0.6
vendor:	delta electronic management	model:	tpeditor	scope:	eq	version:	1.94	Trust: 0.2

sources: IVD: cf491a94-cb2d-42d4-b4d0-3c717a6ad18b // CNVD: CNVD-2019-27257

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2019-27257
value:	MEDIUM
Trust: 0.6
IVD:	cf491a94-cb2d-42d4-b4d0-3c717a6ad18b
value:	MEDIUM
Trust: 0.2

CNVD:	CNVD-2019-27257
severity:	MEDIUM
baseScore:	4.9
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	cf491a94-cb2d-42d4-b4d0-3c717a6ad18b
severity:	MEDIUM
baseScore:	4.9
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: cf491a94-cb2d-42d4-b4d0-3c717a6ad18b // CNVD: CNVD-2019-27257

TYPE

Resource management error

Trust: 0.2

sources: IVD: cf491a94-cb2d-42d4-b4d0-3c717a6ad18b

PATCH

title:

The delta TPEditor tpe project file has a memory corruption vulnerability

url:

https://www.cnvd.org.cn/patchinfo/show/171241

Trust: 0.6

sources: CNVD: CNVD-2019-27257

EXTERNAL IDS

db:	CNVD	id:	CNVD-2019-27257	Trust: 0.8
db:	IVD	id:	CF491A94-CB2D-42D4-B4D0-3C717A6AD18B	Trust: 0.2

sources: IVD: cf491a94-cb2d-42d4-b4d0-3c717a6ad18b // CNVD: CNVD-2019-27257

SOURCES

db:	IVD	id:	cf491a94-cb2d-42d4-b4d0-3c717a6ad18b
db:	CNVD	id:	CNVD-2019-27257

LAST UPDATE DATE

2022-05-17T01:57:38.441000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2019-27257

date:

2020-04-02T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	cf491a94-cb2d-42d4-b4d0-3c717a6ad18b	date:	2019-08-13T00:00:00
db:	CNVD	id:	CNVD-2019-27257	date:	2019-09-03T00:00:00