CVE-2016-0856 – Advantech WebAccess datacore Service datacore.exe AlarmMessage sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0856
Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. Múltiples desbordamientos de buffer basado en pila en Advantech WebAccess en versiones anteriores a 8.1 permiten a atacantes remotos ejecutar código arbitrario a través de vectores no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x5228 IOCTL in the Kernel subsystem. A stack-based buffer overflow vulnerability exists in a call to sprintf with the AlarmMessage parameter. • http://www.zerodayinitiative.com/advisories/ZDI-16-100 http://www.zerodayinitiative.com/advisories/ZDI-16-101 http://www.zerodayinitiative.com/advisories/ZDI-16-102 http://www.zerodayinitiative.com/advisories/ZDI-16-103 http://www.zerodayinitiative.com/advisories/ZDI-16-106 http://www.zerodayinitiative.com/advisories/ZDI-16-108 http://www.zerodayinitiative.com/advisories/ZDI-16-109 http://www.zerodayinitiative.com/advisories/ZDI-16-110 http://www.zerodayinitiative.com/advisories/ZDI-16-111 http: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-3948
https://notcve.org/view.php?id=CVE-2015-3948
Cross-site scripting (XSS) vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Advantech WebAccess en versiones anteriores a 8.1 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-0855 – Advantech WebAccess Dashboard Viewer openWidget Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-0855
Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attackers to list arbitrary virtual-directory files via unspecified vectors. Vulnerabilidad de salto de directorio en Advantech WebAccess en versiones anteriores a 8.1 permite a atacantes remotos listar archivos virtuales del directorio virtual a través de vectores no especificados. This vulnerability allows remote attackers to disclose arbitrary file contents on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the openWidget script allows unauthenticated callers to read the content of arbitrary files on the WebAccess server. • http://www.zerodayinitiative.com/advisories/ZDI-16-122 http://www.zerodayinitiative.com/advisories/ZDI-16-123 http://www.zerodayinitiative.com/advisories/ZDI-16-124 http://www.zerodayinitiative.com/advisories/ZDI-16-125 http://www.zerodayinitiative.com/advisories/ZDI-16-126 https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2015-3943
https://notcve.org/view.php?id=CVE-2015-3943
Advantech WebAccess before 8.1 allows remote attackers to read sensitive cleartext information about e-mail project accounts via unspecified vectors. Advantech WebAccess en versiones anteriores a 8.1 permite a atacantes remotos leer información sensible en texto plano sobre cuentas de proyecto de correos electrónicos a través de vectores no especificados. • https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2014-9202
https://notcve.org/view.php?id=CVE-2014-9202
Multiple stack-based buffer overflows in an unspecified DLL file in Advantech WebAccess before 8.0_20150816 allow remote attackers to execute arbitrary code via a crafted file that triggers long string arguments to functions. Desbordamiento de buffer basado en pila múltiple en un archivo DLL no especificado en Advantech WebAccess en versiones anteriores a 8.0_20150816, permite a atacantes remotos ejecutar código arbitrario a través de un archivo manipulado que desencadena argumentos de cadena largos en funciones. • https://ics-cert.us-cert.gov/advisories/ICSA-15-258-04 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •