CVE-2018-0651: Buffer Overflow
First published: Wed Jan 09 2019(Updated: )
Buffer overflow in the license management function of YOKOGAWA products (iDefine for ProSafe-RS R1.16.3 and earlier, STARDOM VDS R7.50 and earlier, STARDOM FCN/FCJ Simulator R4.20 and earlier, ASTPLANNER R15.01 and earlier, TriFellows V5.04 and earlier) allows remote attackers to stop the license management function or execute an arbitrary program via unspecified vectors.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Yokogawa Idefine For Prosafe-rs Firmware | <=r1.16.3 | |
| Yokogawa Idefine For Prosafe-rs | ||
| Yokogawa Stardom Versatile Data Server Firmware | <=r7.50 | |
| Yokogawa Stardom Versatile Data Server | ||
| Yokogawa Stardom Fcn\/fcj Simulator Firmware | <=r4.20 | |
| Yokogawa Stardom Fcn\/fcj Simulator | ||
| Yokogawa Astplanner | <=r15.01 | |
| Yokogawa Trifellows | <=v5.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of the buffer overflow in the license management function of YOKOGAWA products?
The vulnerability ID is CVE-2018-0651.
What is the severity of CVE-2018-0651?
The severity of CVE-2018-0651 is critical with a score of 9.8.
Which YOKOGAWA products are affected by CVE-2018-0651?
The YOKOGAWA products affected by CVE-2018-0651 are iDefine for ProSafe-RS R1.16.3 and earlier, STARDOM VDS R7.50 and earlier, STARDOM FCN/FCJ Simulator R4.20 and earlier, ASTPLANNER R15.01 and earlier, and TriFellows V5.04 and earlier.
How does CVE-2018-0651 impact YOKOGAWA products?
CVE-2018-0651 allows remote attackers to stop the license management function of YOKOGAWA products through a buffer overflow.
Are there any references for CVE-2018-0651?
Yes, you can find references for CVE-2018-0651 at the following links: [1] http://www.securityfocus.com/bid/105124 [2] https://jvn.jp/vu/JVNVU93845358/ [3] https://web-material3.yokogawa.com/YSAR-18-0006-E.pdf
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/yokogawa
- canonical/yokogawa idefine for prosafe-rs firmware
- version/yokogawa idefine for prosafe-rs firmware/r1.16.3
- canonical/yokogawa idefine for prosafe-rs
- canonical/yokogawa stardom versatile data server firmware
- version/yokogawa stardom versatile data server firmware/r7.50
- canonical/yokogawa stardom versatile data server
- canonical/yokogawa stardom fcn\/fcj simulator firmware
- version/yokogawa stardom fcn\/fcj simulator firmware/r4.20
- canonical/yokogawa stardom fcn\/fcj simulator
- canonical/yokogawa astplanner
- version/yokogawa astplanner/r15.01
- canonical/yokogawa trifellows
- version/yokogawa trifellows/v5.04