CVSS: 10.0EPSS: 15%CPEs: 1EXPL: 0CVE-2016-0860 – Advantech WebAccess webvrpcs Service BwpAlarm.dll memcpy Globals Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0860
Buffer overflow in the BwpAlarm subsystem in Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service via a crafted RPC request. Desbordamiento de buffer en el subsistema BwpAlarm en Advantech WebAccess en versiones anteriores a 8.1 permite a atacantes remotos causar una denegación de servicio a través de una petición RPC manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x11172 IOCTL in the BwpAlarm subsystem. A globals overflow vulnerability exists in a call to memcpy. • http://www.zerodayinitiative.com/advisories/ZDI-16-058 http://www.zerodayinitiative.com/advisories/ZDI-16-074 https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.9EPSS: 4%CPEs: 1EXPL: 0CVE-2014-9202
https://notcve.org/view.php?id=CVE-2014-9202
Multiple stack-based buffer overflows in an unspecified DLL file in Advantech WebAccess before 8.0_20150816 allow remote attackers to execute arbitrary code via a crafted file that triggers long string arguments to functions. Desbordamiento de buffer basado en pila múltiple en un archivo DLL no especificado en Advantech WebAccess en versiones anteriores a 8.0_20150816, permite a atacantes remotos ejecutar código arbitrario a través de un archivo manipulado que desencadena argumentos de cadena largos en funciones. • https://ics-cert.us-cert.gov/advisories/ICSA-15-258-04 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 29%CPEs: 1EXPL: 1CVE-2014-9208 – Advantech Webaccess 8.0 / 3.4.3 - ActiveX Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2014-9208
Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess before 8.0.1 allow remote attackers to execute arbitrary code via unknown vectors. Múltiple desbordamiento de buffer basado en pila en archivos DLL no especificados en Advantech WebAccess en versiones anteriores a 8.0.1, permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos. Using Advantech WebAccess SCADA Software and attacker can remotely manage industrial control systems devices like RTU's, generators, motors, etc. Attackers can execute code remotely by passing a maliciously crafted string to ConvToSafeArray API in ASPVCOBJLib.AspDataDriven ActiveX. • https://www.exploit-db.com/exploits/38108 https://ics-cert.us-cert.gov/advisories/ICSA-15-251-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 6%CPEs: 1EXPL: 0CVE-2014-8388
https://notcve.org/view.php?id=CVE-2014-8388
Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document. Desbordamiento de buffer basado en pila de Advantech WebAccess antiguamente Broadwin WebAccess, anterior a 8.0 permite a atacantes remotos ejecutar código arbitrario a través de un parámetro ip_address manipulado en un documento HMTL. • https://ics-cert.us-cert.gov/advisories/ICSA-14-324-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0CVE-2014-5449
https://notcve.org/view.php?id=CVE-2014-5449
Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for the files in their tmp directory, which allows local users to obtain sensitive information by reading temporary session data. Zarafa WebAccess 4.1 y WebApp utilizan permisos de lectura universal para los ficheros en su directorio tmp, lo que permite a usuarios locales obtener información sensible mediante la lectura de datos de sesiones temporales. • http://advisories.mageia.org/MGASA-2014-0380.html http://seclists.org/oss-sec/2014/q3/444 http://seclists.org/oss-sec/2014/q3/445 http://www.mandriva.com/security/advisories?name=MDVSA-2014:182 http://www.securityfocus.com/bid/69369 https://exchange.xforce.ibmcloud.com/vulnerabilities/95453 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •