1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Dassault Systemes Catia CVE-2014-2072

Attack: Dassault Systemes Catia CVE-2014-2072

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts of leveraging a stack buffer overflow in Catia which could lead to arbitrary code execution.

Additional Information

Catia is suite of Computer Aided Design (CAD), Engineering (CAE) andManufacturing (CAM) applications for digital product definition and life cycle management.

Catia is prone to a stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. The issue occurs when processing user supplied input data.

An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.

Affected

  • Catia V5-6R2013 is vulnerable.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube