CVE-2014-0766

Description

An attacker can exploit this vulnerability by copying an overly long NodeName2 argument into a statically sized buffer on the stack to overflow the static stack buffer. An attacker may use this vulnerability to remotely execute arbitrary code.

Affected products

• Advantech / WebAccess0 – 7.1
• Advantech / WebAccess7.2 – 7.2

References

• VENDOR_ADVISORYhttps://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03
• MISChttp://www.securityfocus.com/bid/66740
• MISChttp://webaccess.advantech.com/