RVD#67: Stack overflow on TpsStart.exe executed during system startup
{
"id": 67,
"title": "RVD#67: Stack overflow on TpsStart.exe executed during system startup",
"type": "vulnerability",
"description": "Researchers found a memory error in the executable, TpsStart.exe, executed during the system startup process, which allows an attacker to trigger a stack-based buffer overflow if he can modify a file to make its file name longer than 512 bytes. Acknowledgement: Davide Quarta, Marcello Pogliani, Mario Polino, Federico Maggi, Andrea M. Zanchettin, Stefano Zanero",
"cwe": "CWE-Classic Buffer Overflow (CWE-120)",
"cve": "None",
"keywords": [
"components hardware",
"robot component: IRB140's flex pendant",
"severity: high",
"state: new",
"vendor: ABB",
"vulnerability"
],
"system": "IRB140's flex pendant",
"vendor": "ABB",
"severity": {
"rvss-score": "None",
"rvss-vector": "RVSS:1.0/AV:RN/AC:H/PR:N/UI:N/Y:T/S:U/C:H/I:L/A:H/H:N",
"severity-description": "",
"cvss-score": 0,
"cvss-vector": ""
},
"links": [
"https://github.com/aliasrobotics/RVD/issues/67"
],
"flaw": {
"phase": "unknown",
"specificity": "N/A",
"architectural-location": "N/A",
"application": "N/A",
"subsystem": "N/A",
"package": "N/A",
"languages": "None",
"date-detected": "2017-05-03",
"detected-by": "",
"detected-by-method": "N/A",
"date-reported": "2017-05-03",
"reported-by": "",
"reported-by-relationship": "N/A",
"issue": "https://github.com/aliasrobotics/RVD/issues/67",
"reproducibility": "",
"trace": null,
"reproduction": "",
"reproduction-image": ""
},
"exploitation": {
"description": "",
"exploitation-image": "",
"exploitation-vector": ""
},
"mitigation": {
"description": "",
"pull-request": "",
"date-mitigation": null
}
}
Feedback (automatically generated):
- FIXME: Flaw not identified as a vulnerability, weakness or exposure. Have you included "# Vulnerability (or Weakness or Exposure) report" at the top of the ticket? See for more information or review other tickets to get inspiration
Please review the feedback above. Once addressed, either request the removal of the malformed label to trigger another automatic review.