Details of VAR-201805-1148

ID

VAR-201805-1148

CVE

CVE-2018-7509

TITLE

(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Trust: 1.4

sources: ZDI: ZDI-17-701 // ZDI: ZDI-17-700

DESCRIPTION

WPLSoft in Delta Electronics versions 2.45.0 and prior writes data from a file outside the bounds of the intended buffer space, which could cause memory corruption or may allow remote code execution. Delta Electronics WPLSoft Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation WPLSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of .dvp files. Crafted data in a .dvp file can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process. Delta Industrial Automation is the industry automation vendor for power management and cooling solutions worldwide. WPLSoft and PMSoft are Delta's PLC programming software. Delta Electronics WPLSoft is prone to the following security vulnerabilities: 1. A stack-based buffer-overflow vulnerability 2. A heap-based buffer-overflow vulnerability 3. Delta Industrial WPLSoft Version 2.45.0 and prior versions are vulnerable

Trust: 7.2

sources: NVD: CVE-2018-7509 // JVNDB: JVNDB-2018-004572 // ZDI: ZDI-17-701 // ZDI: ZDI-17-697 // ZDI: ZDI-17-700 // CNVD: CNVD-2017-22819 // CNVD: CNVD-2017-22816 // CNVD: CNVD-2018-03766 // CNVD: CNVD-2017-22820 // BID: 103179 // IVD: e2ff8c23-39ab-11e9-a10f-000c29342cb1 // IVD: e2ffda40-39ab-11e9-aced-000c29342cb1 // IVD: e300014f-39ab-11e9-ae3c-000c29342cb1 // IVD: bd88bef6-a734-4ab3-b708-493e5939c42c // IVD: c3d16b7a-9f9a-4e2c-b16b-7a6bbe22e631 // IVD: 9b0290fd-5208-4c4d-be64-9b123c16f26e // IVD: e2ff16f1-39ab-11e9-9e8d-000c29342cb1

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 3.8

sources: IVD: e2ff16f1-39ab-11e9-9e8d-000c29342cb1 // IVD: bd88bef6-a734-4ab3-b708-493e5939c42c // IVD: 9b0290fd-5208-4c4d-be64-9b123c16f26e // IVD: c3d16b7a-9f9a-4e2c-b16b-7a6bbe22e631 // IVD: e300014f-39ab-11e9-ae3c-000c29342cb1 // IVD: e2ff8c23-39ab-11e9-a10f-000c29342cb1 // IVD: e2ffda40-39ab-11e9-aced-000c29342cb1 // CNVD: CNVD-2017-22819 // CNVD: CNVD-2017-22816 // CNVD: CNVD-2018-03766 // CNVD: CNVD-2017-22820

AFFECTED PRODUCTS

vendor:	delta industrial automation	model:	wplsoft	scope:	-	version:	-	Trust: 2.1
vendor:	delta	model:	industrial automation wplsoft	scope:	-	version:	-	Trust: 1.8
vendor:	delta	model:	industrial automation wplsoft	scope:	eq	version:	*	Trust: 1.2
vendor:	deltaww	model:	wplsoft	scope:	lte	version:	2.45.0	Trust: 1.0
vendor:	delta	model:	wplsoft	scope:	lte	version:	2.45.0	Trust: 0.8
vendor:	delta	model:	electronics wplsoft	scope:	lte	version:	<=2.45.0	Trust: 0.6
vendor:	deltaww	model:	wplsoft	scope:	eq	version:	2.45.0	Trust: 0.6
vendor:	delta	model:	electronics inc wplsoft	scope:	eq	version:	2.45.0	Trust: 0.3
vendor:	delta	model:	electronics inc wplsoft	scope:	eq	version:	2.42.11	Trust: 0.3
vendor:	delta	model:	electronics inc wplsoft	scope:	eq	version:	2.0	Trust: 0.3
vendor:	delta	model:	electronics inc wplsoft	scope:	ne	version:	2.46.0	Trust: 0.3
vendor:	wplsoft	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: e2ff16f1-39ab-11e9-9e8d-000c29342cb1 // IVD: bd88bef6-a734-4ab3-b708-493e5939c42c // IVD: 9b0290fd-5208-4c4d-be64-9b123c16f26e // IVD: c3d16b7a-9f9a-4e2c-b16b-7a6bbe22e631 // IVD: e300014f-39ab-11e9-ae3c-000c29342cb1 // IVD: e2ff8c23-39ab-11e9-a10f-000c29342cb1 // IVD: e2ffda40-39ab-11e9-aced-000c29342cb1 // ZDI: ZDI-17-701 // ZDI: ZDI-17-700 // ZDI: ZDI-17-697 // CNVD: CNVD-2017-22819 // CNVD: CNVD-2017-22816 // CNVD: CNVD-2018-03766 // CNVD: CNVD-2017-22820 // BID: 103179 // JVNDB: JVNDB-2018-004572 // CNNVD: CNNVD-201803-769 // NVD: CVE-2018-7509

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	CVE-2018-7509
value:	HIGH
Trust: 2.1
nvd@nist.gov:	CVE-2018-7509
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-7509
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2017-22819
value:	HIGH
Trust: 0.6
CNVD:	CNVD-2017-22816
value:	HIGH
Trust: 0.6
CNVD:	CNVD-2018-03766
value:	HIGH
Trust: 0.6
CNVD:	CNVD-2017-22820
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201803-769
value:	HIGH
Trust: 0.6
IVD:	e2ff16f1-39ab-11e9-9e8d-000c29342cb1
value:	HIGH
Trust: 0.2
IVD:	bd88bef6-a734-4ab3-b708-493e5939c42c
value:	HIGH
Trust: 0.2
IVD:	9b0290fd-5208-4c4d-be64-9b123c16f26e
value:	HIGH
Trust: 0.2
IVD:	c3d16b7a-9f9a-4e2c-b16b-7a6bbe22e631
value:	HIGH
Trust: 0.2
IVD:	e300014f-39ab-11e9-ae3c-000c29342cb1
value:	HIGH
Trust: 0.2
IVD:	e2ff8c23-39ab-11e9-a10f-000c29342cb1
value:	HIGH
Trust: 0.2
IVD:	e2ffda40-39ab-11e9-aced-000c29342cb1
value:	HIGH
Trust: 0.2

ZDI:	CVE-2018-7509
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 2.1
nvd@nist.gov:	CVE-2018-7509
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-22819
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
CNVD:	CNVD-2017-22816
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
CNVD:	CNVD-2018-03766
severity:	HIGH
baseScore:	9.7
vectorString:	AV:N/AC:L/AU:N/C:P/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	9.5
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
CNVD:	CNVD-2017-22820
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2ff16f1-39ab-11e9-9e8d-000c29342cb1
severity:	HIGH
baseScore:	9.7
vectorString:	AV:N/AC:L/AU:N/C:P/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	9.5
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	bd88bef6-a734-4ab3-b708-493e5939c42c
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	9b0290fd-5208-4c4d-be64-9b123c16f26e
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	c3d16b7a-9f9a-4e2c-b16b-7a6bbe22e631
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	e300014f-39ab-11e9-ae3c-000c29342cb1
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	e2ff8c23-39ab-11e9-a10f-000c29342cb1
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	e2ffda40-39ab-11e9-aced-000c29342cb1
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2018-7509
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: e2ff16f1-39ab-11e9-9e8d-000c29342cb1 // IVD: bd88bef6-a734-4ab3-b708-493e5939c42c // IVD: 9b0290fd-5208-4c4d-be64-9b123c16f26e // IVD: c3d16b7a-9f9a-4e2c-b16b-7a6bbe22e631 // IVD: e300014f-39ab-11e9-ae3c-000c29342cb1 // IVD: e2ff8c23-39ab-11e9-a10f-000c29342cb1 // IVD: e2ffda40-39ab-11e9-aced-000c29342cb1 // ZDI: ZDI-17-701 // ZDI: ZDI-17-700 // ZDI: ZDI-17-697 // CNVD: CNVD-2017-22819 // CNVD: CNVD-2017-22816 // CNVD: CNVD-2018-03766 // CNVD: CNVD-2017-22820 // JVNDB: JVNDB-2018-004572 // CNNVD: CNNVD-201803-769 // NVD: CVE-2018-7509

PROBLEMTYPE DATA

problemtype:

CWE-787

Trust: 1.8

sources: JVNDB: JVNDB-2018-004572 // NVD: CVE-2018-7509

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201803-769

TYPE

Buffer error

Trust: 0.8

sources: IVD: e2ff16f1-39ab-11e9-9e8d-000c29342cb1 // CNNVD: CNNVD-201803-769

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-004572

PATCH

title:	Delta Industrial Automation has issued an update to correct this vulnerability. This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 120 day deadline.02/01/17 - ZDI disclosed reports to ICS-CERT02/07/17 - ICS-CERT provided ZDI with an ICS-VU # ICS-VU-97456803/16/17 - ICS-CERT asked ZDI questions about reproduction03/27/17 - ICS-CERT asked ZDI again some questions about reproduction06/07/17 - ICS-CERT offered ZDI a pre-release patch to test06/07/17 - ZDI replied that we cannot do the testing for the vendor07/20/17 - ZDI sent a mail to ICS-CERT asking the status07/26/17 - ICS-CERT advised that the vendor has a new version they believe addressed the reports (though to ZDI knowledge, no advisory was released)08/02/17 - ZDI advised ICS-CERT that our finder indicated that the vulnerabilities are still present08/11/17 - ZDI wrote ICS-CERT to indicate the intention to move these reports to 0-day on 8/24-- Mitigation:Given the nature of the vulnerability the only salient mitigation strategy is to restrict interaction with the application to trusted files.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-18-058-02	Trust: 2.1
title:	Top Page	url:	http://www.deltaww.com/	Trust: 0.8
title:	Delta Industrial Automation WPLSoft dvp file border write vulnerability (CNVD-2017-228198) patch	url:	https://www.cnvd.org.cn/patchInfo/show/143673	Trust: 0.6
title:	Patch for Delta Industrial Automation WPLSoft dvp File Buffer Buffer Overflow Vulnerability (CNVD-2017-228165)	url:	https://www.cnvd.org.cn/patchInfo/show/143667	Trust: 0.6
title:	Delta Electronics WPLSoft cross-border write vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/119163	Trust: 0.6
title:	Delta Industrial Automation WPLSoft dvp file cross-boundary write vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/143675	Trust: 0.6
title:	Delta Electronics WPLSoft Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79355	Trust: 0.6

sources: ZDI: ZDI-17-701 // ZDI: ZDI-17-700 // ZDI: ZDI-17-697 // CNVD: CNVD-2017-22819 // CNVD: CNVD-2017-22816 // CNVD: CNVD-2018-03766 // CNVD: CNVD-2017-22820 // JVNDB: JVNDB-2018-004572 // CNNVD: CNNVD-201803-769

EXTERNAL IDS

db:	NVD	id:	CVE-2018-7509	Trust: 5.6
db:	ICS CERT	id:	ICSA-18-058-02	Trust: 3.3
db:	BID	id:	103179	Trust: 1.9
db:	ZDI	id:	ZDI-17-701	Trust: 1.3
db:	ZDI	id:	ZDI-17-700	Trust: 1.3
db:	ZDI	id:	ZDI-17-697	Trust: 1.3
db:	CNVD	id:	CNVD-2017-22819	Trust: 1.0
db:	CNVD	id:	CNVD-2017-22820	Trust: 1.0
db:	CNVD	id:	CNVD-2017-22816	Trust: 1.0
db:	CNVD	id:	CNVD-2018-03766	Trust: 0.8
db:	CNNVD	id:	CNNVD-201803-769	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-004572	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-4435	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-4428	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-4438	Trust: 0.7
db:	IVD	id:	E2FF16F1-39AB-11E9-9E8D-000C29342CB1	Trust: 0.2
db:	IVD	id:	BD88BEF6-A734-4AB3-B708-493E5939C42C	Trust: 0.2
db:	IVD	id:	9B0290FD-5208-4C4D-BE64-9B123C16F26E	Trust: 0.2
db:	IVD	id:	C3D16B7A-9F9A-4E2C-B16B-7A6BBE22E631	Trust: 0.2
db:	IVD	id:	E300014F-39AB-11E9-AE3C-000C29342CB1	Trust: 0.2
db:	IVD	id:	E2FF8C23-39AB-11E9-A10F-000C29342CB1	Trust: 0.2
db:	IVD	id:	E2FFDA40-39AB-11E9-ACED-000C29342CB1	Trust: 0.2

sources: IVD: e2ff16f1-39ab-11e9-9e8d-000c29342cb1 // IVD: bd88bef6-a734-4ab3-b708-493e5939c42c // IVD: 9b0290fd-5208-4c4d-be64-9b123c16f26e // IVD: c3d16b7a-9f9a-4e2c-b16b-7a6bbe22e631 // IVD: e300014f-39ab-11e9-ae3c-000c29342cb1 // IVD: e2ff8c23-39ab-11e9-a10f-000c29342cb1 // IVD: e2ffda40-39ab-11e9-aced-000c29342cb1 // ZDI: ZDI-17-701 // ZDI: ZDI-17-700 // ZDI: ZDI-17-697 // CNVD: CNVD-2017-22819 // CNVD: CNVD-2017-22816 // CNVD: CNVD-2018-03766 // CNVD: CNVD-2017-22820 // BID: 103179 // JVNDB: JVNDB-2018-004572 // CNNVD: CNNVD-201803-769 // NVD: CVE-2018-7509

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-18-058-02	Trust: 5.4
url:	http://www.securityfocus.com/bid/103179	Trust: 1.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7509	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-7509	Trust: 0.8
url:	http://www.zerodayinitiative.com/advisories/zdi-17-700/	Trust: 0.6
url:	http://www.zerodayinitiative.com/advisories/zdi-17-697/	Trust: 0.6
url:	http://www.zerodayinitiative.com/advisories/zdi-17-701/	Trust: 0.6
url:	http://www.deltaww.com/	Trust: 0.3

sources: ZDI: ZDI-17-701 // ZDI: ZDI-17-700 // ZDI: ZDI-17-697 // CNVD: CNVD-2017-22819 // CNVD: CNVD-2017-22816 // CNVD: CNVD-2018-03766 // CNVD: CNVD-2017-22820 // BID: 103179 // JVNDB: JVNDB-2018-004572 // CNNVD: CNNVD-201803-769 // NVD: CVE-2018-7509

CREDITS

axt

Trust: 2.1

sources: ZDI: ZDI-17-701 // ZDI: ZDI-17-700 // ZDI: ZDI-17-697

SOURCES

db:	IVD	id:	e2ff16f1-39ab-11e9-9e8d-000c29342cb1
db:	IVD	id:	bd88bef6-a734-4ab3-b708-493e5939c42c
db:	IVD	id:	9b0290fd-5208-4c4d-be64-9b123c16f26e
db:	IVD	id:	c3d16b7a-9f9a-4e2c-b16b-7a6bbe22e631
db:	IVD	id:	e300014f-39ab-11e9-ae3c-000c29342cb1
db:	IVD	id:	e2ff8c23-39ab-11e9-a10f-000c29342cb1
db:	IVD	id:	e2ffda40-39ab-11e9-aced-000c29342cb1
db:	ZDI	id:	ZDI-17-701
db:	ZDI	id:	ZDI-17-700
db:	ZDI	id:	ZDI-17-697
db:	CNVD	id:	CNVD-2017-22819
db:	CNVD	id:	CNVD-2017-22816
db:	CNVD	id:	CNVD-2018-03766
db:	CNVD	id:	CNVD-2017-22820
db:	BID	id:	103179
db:	JVNDB	id:	JVNDB-2018-004572
db:	CNNVD	id:	CNNVD-201803-769
db:	NVD	id:	CVE-2018-7509

LAST UPDATE DATE

2024-08-14T13:56:01.424000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-17-701	date:	2018-03-28T00:00:00
db:	ZDI	id:	ZDI-17-700	date:	2018-03-28T00:00:00
db:	ZDI	id:	ZDI-17-697	date:	2018-03-28T00:00:00
db:	CNVD	id:	CNVD-2017-22819	date:	2018-11-05T00:00:00
db:	CNVD	id:	CNVD-2017-22816	date:	2018-11-05T00:00:00
db:	CNVD	id:	CNVD-2018-03766	date:	2018-11-05T00:00:00
db:	CNVD	id:	CNVD-2017-22820	date:	2018-11-05T00:00:00
db:	BID	id:	103179	date:	2018-02-27T00:00:00
db:	JVNDB	id:	JVNDB-2018-004572	date:	2018-06-25T00:00:00
db:	CNNVD	id:	CNNVD-201803-769	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-7509	date:	2019-10-09T23:42:20.923

SOURCES RELEASE DATE

db:	IVD	id:	e2ff16f1-39ab-11e9-9e8d-000c29342cb1	date:	2018-02-28T00:00:00
db:	IVD	id:	bd88bef6-a734-4ab3-b708-493e5939c42c	date:	2017-08-25T00:00:00
db:	IVD	id:	9b0290fd-5208-4c4d-be64-9b123c16f26e	date:	2017-08-25T00:00:00
db:	IVD	id:	c3d16b7a-9f9a-4e2c-b16b-7a6bbe22e631	date:	2017-08-25T00:00:00
db:	IVD	id:	e300014f-39ab-11e9-ae3c-000c29342cb1	date:	2017-08-25T00:00:00
db:	IVD	id:	e2ff8c23-39ab-11e9-a10f-000c29342cb1	date:	2017-08-25T00:00:00
db:	IVD	id:	e2ffda40-39ab-11e9-aced-000c29342cb1	date:	2017-08-25T00:00:00
db:	ZDI	id:	ZDI-17-701	date:	2017-08-24T00:00:00
db:	ZDI	id:	ZDI-17-700	date:	2017-08-24T00:00:00
db:	ZDI	id:	ZDI-17-697	date:	2017-08-24T00:00:00
db:	CNVD	id:	CNVD-2017-22819	date:	2017-08-25T00:00:00
db:	CNVD	id:	CNVD-2017-22816	date:	2017-08-25T00:00:00
db:	CNVD	id:	CNVD-2018-03766	date:	2018-02-28T00:00:00
db:	CNVD	id:	CNVD-2017-22820	date:	2017-08-25T00:00:00
db:	BID	id:	103179	date:	2018-02-27T00:00:00
db:	JVNDB	id:	JVNDB-2018-004572	date:	2018-06-25T00:00:00
db:	CNNVD	id:	CNNVD-201803-769	date:	2018-03-22T00:00:00
db:	NVD	id:	CVE-2018-7509	date:	2018-05-04T19:29:00.360