CVSS: 7.5EPSS: 27%CPEs: 1EXPL: 0CVE-2014-8512 – Schneider Electric ProClima ATX45 SetBodyAttribute Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-8512
Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8511. NOTE: this may be clarified later based on details provided by researchers. Desbordamiento de buffer en el control de ActiveX en Atx45.ocx en Schneider Electric ProClima anterior a 6.1.7 permite a atacantes remotos ejecutar código arbitrario a través de vectores sin especificar, una vulnerabilidad diferente a CVE-2014-8511. NOTA: esto puede se puede clarificar después en base a los detalles proporcionados por los investigadores. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric ProClima. • http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-344-01 https://ics-cert.us-cert.gov/advisories/ICSA-14-350-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 17%CPEs: 1EXPL: 0CVE-2014-8514 – Schneider Electric ProClima MetaDraw ObjLinks Property Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-8514
Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-9188. NOTE: this may be clarified later based on details provided by researchers. Desbordamiento de buffer en el control ActiveX en MDraw30.ocx en Schneider Electric ProClima anterior a 6.1.7 permite a atacantes remotos ejecutar código arbitrario a través de vectores sin especificar, una vulnerabilidad diferente a CVE-2014-8513 y CVE-2014-9188. NOTA: esto se puede aclarar después en base a los detalles proporcionados por los investigadores. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric ProClima. • http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-344-01 http://www.securityfocus.com/bid/71710 https://ics-cert.us-cert.gov/advisories/ICSA-14-350-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 27%CPEs: 1EXPL: 0CVE-2014-9188 – Schneider Electric ProClima MetaDraw ArrangeObjects Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-9188
Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-8514. NOTE: this may be clarified later based on details provided by researchers. Desbordamiento de buffer en el control ActiveX en MDraw30.ocx en Schneider Electric ProClima anterior a 6.1.7 permite a atacantes remotos ejecutar código arbitrario a través de vectores sin especificar, una vulnerabilidad diferente a CVE-2014-8513 y CVE-2014-8514. NOTA: esto se puede aclarar después en base a los detalles proporcionados por los investigadores. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric ProClima. • http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-344-01 https://ics-cert.us-cert.gov/advisories/ICSA-14-350-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 21%CPEs: 1EXPL: 0CVE-2014-8513 – Schneider Electric ProClima MetaDraw ObjectOverlappedBy Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-8513
Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8514 and CVE-2014-9188. NOTE: this may be clarified later based on details provided by researchers. Desbordamiento de buffer en el control ActiveX en MDraw30.ocx en Schneider Electric ProClima anterior a 6.1.7 permite a atacantes remotos ejecutar código arbitrario a través de vectores sin especificar, una vulnerabilidad diferente a CVE-2014-8514 y CVE-2014-9188. NOTA: esto se puede aclarar después en base a los detalles proporcionados por los investigadores. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric ProClima. • http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-344-01 https://ics-cert.us-cert.gov/advisories/ICSA-14-350-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 39%CPEs: 1EXPL: 0CVE-2014-8511 – Schneider Electric ProClima ATX45 SetHtmlFileName Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-8511
Buffer overflow in an ActiveX control in Atx45.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8512. NOTE: this may be clarified later based on details provided by researchers. Desbordamiento de buffer en el control ActiveX en Atx45.ocx en Schneider Electric ProClima anterior a 6.1.7 permite a atacantes remotos ejecutar código arbitrario a través de vectores sin especificar, una vulnerabilidad diferente a CVE-2014-8512. NOTA: esto se puede clarificar después en base a los detalles proporcionados por los investigadores. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric ProClima. • http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-344-01 https://ics-cert.us-cert.gov/advisories/ICSA-14-350-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •