Tuesday, February 5, 2013

ICS-CERT Publishes Ecava Advisory

Today the DHS ICS-CERT published an advisory for a buffer overflow vulnerability in the Ecava IntegraXor application. The vulnerability was reported by Andrew Brooks in a coordinated disclosure.

ICS-CERT reports that a moderately skilled attacker utilizing a social engineering attack could remotely exploit this vulnerability to run arbitrary code on the system. Ecava has produced an updated version of the affected application that has been verified by Brooks to correct the vulnerability.

No comments:

/* Use this with templates/template-twocol.html */