Page 2 of 28 results (0.008 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. • https://jvn.jp/en/vu/JVNVU93286117 https://www.ia.omron.com/product/vulnerability/OMSR-2023-005_en.pdf • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. Existe una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en CX-Programmer v.9.77 y versiones anteriores, lo que puede provocar la divulgación de información y/o la ejecución de código arbitrario al hacer que un usuario abra un archivo CXP especialmente manipulado. • https://jvn.jp/en/vu/JVNVU92877622/index.html https://jvn.jp/vu/JVNVU92877622/index.html • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Use-after free vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. Existe una vulnerabilidad de use after free en CX-Programmer v.9.77 y versiones anteriores, que puede provocar la divulgación de información y/o la ejecución de código arbitrario al hacer que un usuario abra un archivo CXP especialmente manipulado. • https://jvn.jp/en/vu/JVNVU92877622/index.html https://jvn.jp/vu/JVNVU92877622/index.html • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Out-of-bounds write vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. Existe una vulnerabilidad de escritura fuera de los límites en CX-Programmer v.9.77 y versiones anteriores, que puede provocar la divulgación de información y/o la ejecución de código arbitrario al pedirle a un usuario que abra un archivo CXP especialmente manipulado. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CXP files in the CX-Programmer module. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. • https://jvn.jp/en/vu/JVNVU92877622/index.html https://jvn.jp/vu/JVNVU92877622/index.html • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. OMRON CX-Programmer versiones 9.78 y anteriores, es vulnerable a una Escritura Fuera de Límites, lo que puede permitir a un atacante ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CXP files in the CX-Programmer module. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-277-04 • CWE-787: Out-of-bounds Write •