IspVM System XCF File Processing Buffer Overflow Vulnerability

Release date:
Updated on:

Affected Systems:
Lattice Semiconductor ispVM System 18.x
Description:
--------------------------------------------------------------------------------
IspVM System is the programming manager for standalone devices.

IspVM System 18.0.2 has a boundary error-triggered overflow vulnerability when parsing XCF files. After successful exploitation, attackers can execute arbitrary code in the affected applications.

1) when processing the ". xcf" file, there is a boundary error in ispVM. Using the ultra-long value in the "<Name>" XML tag of the device can cause stack buffer overflow.

2) when processing the ". xcf" file, there is a boundary error in ispVM. The stack buffer overflow can be caused by the ultra-long "version" value in the "<ispXCF>" XML tag.

<* Source: anonymous

Link: http://osvdb.org/show/osvdb/82000
Http://packetstormsecurity.org/files/113089/ispVM-System-XCF-File-Handling-Overflow.html
Http://secunia.com/advisories/48740/
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Lattice semicondu
---------------------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:

Http://www.latticesemi.com/products/designsoftware/programmer/index.cfm