This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists in the handling of LeviStudio Project files. By providing an overly long HmiSet Type XML attribute, an attacker can overflow a stack-based buffer and execute arbitrary code in the context of the current process.
The specific flaw exists in the handling of LeviStudio Project files. By providing an overly long HmiSet Type XML attribute, an attacker can overflow a stack-based buffer and execute arbitrary code in the context of the current process.
CVE Link
Exploit Type - Old
Exploits/Client Side
Exploit Platform
Exploit Type
Product Name