Stack-Based Buffer Overflow in Lattice Semiconductor PAC-Designer Software
CVE-2012-2915

Currently unrated

Key Information:

Vendor

Lattice Semiconductor

Status
Pac-designer
Vendor
CVE Published:
21 May 2012

What is CVE-2012-2915?

A stack-based buffer overflow vulnerability exists in the PAC-Designer software from Lattice Semiconductor, specifically in version 6.2.1344. This security flaw enables remote attackers to execute arbitrary code on the affected system by sending a specially crafted PAC file. The vulnerability is triggered by a long string in a Value tag within the SymbolicSchematicData definition, which can be leveraged to overwrite the stack and execute malicious payloads. Proper input validation is crucial to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/75698
vdb-entryx_refsource_XF
http://secunia.com/advisories/48741
third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/82001
vdb-entryx_refsource_OSVDB

EPSS Score

66% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.