CVE-2012-10057

Lattice Semiconductor ispVM System v18.0.2 - Buffer Overflow

Title source: llm

Description

Lattice Semiconductor ispVM System v18.0.2 contains a buffer overflow vulnerability in its handling of .xcf project files. When parsing the version attribute of the ispXCF XML tag, the application fails to properly validate input length, allowing a specially crafted file to overwrite memory on the stack. This can result in arbitrary code execution under the context of the user who opens the file. The vulnerability is triggered locally by opening a malicious .xcf file and does not require elevated privileges.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/18947

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by Unknown, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/ispvm_xcf_ispxcf.rb

View Code ZIP pw:eip

References (5)

[Various Sources] https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/ispvm_xcf_ispxcf.rb

[Various Sources] https://www.latticesemi.com/ispvm

[Third Party Advisory] https://web.archive.org/web/20121014002756/http://secunia.com/advisories/48740/

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/18947

[Third Party Advisory] https://www.vulncheck.com/advisories/lattice-semiconductor-ispvm-system-xcf-file-handling-buffer-overflow

Scores

EPSS 0.0192

EPSS Percentile 83.1%

Classification

CWE

CWE-121

Status draft

Timeline

Published Aug 13, 2025

Tracked Since Feb 18, 2026