|CVSS SCORE||9.3, (AV:N/AC:M/Au:N/C:C/I:C/A:C)|
VisiLogic OPLC IDE
The specific flaw exists within parsing of vlp files. A specially crafted vlp will overrun a heap buffer and inject values past the end of the heap allocation. An attacker can leverage this vulnerability to execute arbitrary code under the context of local Administrator.
Unitronics has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||Steven Seeley of Source Incite