Page 16 of 90 results (0.009 seconds)

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a double free vulnerability. En las versiones 3.30 y anteriores de Omron CX-Supervisor, el análisis de archivos de proyecto mal formados puede provocar una vulnerabilidad de doble liberación (double free). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SCS project files. When parsing a malformed scatter chart object, the process does not properly validate the existence of an object prior to performing operations on it. • http://www.securityfocus.com/bid/103394 https://ics-cert.us-cert.gov/advisories/ICSA-18-072-01 • CWE-415: Double Free •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow. En las versiones 3.30 y anteriores de Omron CX-Supervisor, el análisis de archivos de proyecto mal formados puede provocar un desbordamiento de búfer basado en pila. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SCS project files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. • http://www.securityfocus.com/bid/103394 https://ics-cert.us-cert.gov/advisories/ICSA-18-072-01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability. En las versiones 3.30 y anteriores de Omron CX-Supervisor, el análisis de archivos de proyecto mal formados puede provocar una vulnerabilidad fuera de límites. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SCS project files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. • http://www.securityfocus.com/bid/103394 https://ics-cert.us-cert.gov/advisories/ICSA-18-072-01 • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parses a specially crafted project file. En las versiones 3.30 y anteriores de Omron CX-Supervisor, se pueden explotar vulnerabilidades de uso de memoria previamente liberada cuando CX Supervisor analiza un archivo de proyecto especialmente manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of project files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. • http://www.securityfocus.com/bid/103394 https://ics-cert.us-cert.gov/advisories/ICSA-18-072-01 • CWE-416: Use After Free •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a heap-based buffer overflow. En las versiones 3.30 y anteriores de Omron CX-Supervisor, el análisis de archivos de proyecto mal formados puede provocar un desbordamiento de búfer basado en memoria dinámica (heap). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of SCS project files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. • http://www.securityfocus.com/bid/103394 https://ics-cert.us-cert.gov/advisories/ICSA-18-072-01 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •