CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17909 – OMRON CX-Supervisor sr3 File Parsing Script API HWND Object Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17909
05 Nov 2018 — When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, the application fails to check if it is referencing freed memory, which may allow an attacker to execute code under the context of the application. Al procesar archivos de proyecto en Omron CX-Supervisor en versiones 3.4.1.0 y anteriores, la aplicación no comprueba si está referenciando memoria liberada, lo que podría permitir que un atacante ejecute código bajo el contexto de la aplicación. This vulnerability allows remote att... • http://www.securityfocus.com/bid/105691 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17905 – OMRON CX-Supervisor SCS File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17905
17 Oct 2018 — When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with a specific byte, memory corruption may occur within a specific object. Al procesar archivos de proyecto en Omron CX-Supervisor en versiones 3.4.1.0 y anteriores y falsificando un byte en concreto, podría ocurrir una corrupción de memoria en un objeto específico. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required ... • http://www.securityfocus.com/bid/105691 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17907 – OMRON CX-Supervisor SCS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17907
17 Oct 2018 — When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with the value of an offset, an attacker can force the application to read a value outside of an array. Al procesar archivos de proyecto Omron CX-Supervisor en versiones 3.4.1.0 y anteriores y falsificando el valor de un desplazamiento, un atacante puede forzar a la aplicación para que lea un valor fuera de un array. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of... • http://www.securityfocus.com/bid/105691 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17913 – OMRON Industrial Automation CX-Supervisor CSNewDataSets Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17913
17 Oct 2018 — A type confusion vulnerability exists when processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, which may allow an attacker to execute code in the context of the application. Existe una vulnerabilidad de confusión de tipos al procesar archivos de proyecto en Omron CX-Supervisor en versiones 3.4.1.0 y anteriores, lo que podría permitir que un atacante ejecute código en el contexto de la aplicación. This vulnerability allows remote attackers to execute arbitrary code on vulnerable insta... • http://www.securityfocus.com/bid/105691 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-8834 – OMRON CX-One CX-FLnet Node Name Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-8834
11 Apr 2018 — Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may cause a heap-based buffer overflow. El análisis sintáctico de archivos de proyecto mal formados en Omron CX-One, en versiones 4.42 y anteriores, incluyendo... • https://ics-cert.us-cert.gov/advisories/ICSA-18-100-02 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-7514 – OMRON CX-One SBA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7514
11 Apr 2018 — Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may cause a stack-based buffer overflow. El análisis sintáctico de archivos de proyecto mal formados en Omron CX-One, en versiones 4.42 y anteriores, incluyend... • https://ics-cert.us-cert.gov/advisories/ICSA-18-100-02 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-7530 – OMRON CX-One CX-Protocol CObject Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7530
11 Apr 2018 — Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may allow the pointer to call an incorrect object resulting in an access of resource using incompatible type condition. El análisis sintáctico de archivos de p... • https://ics-cert.us-cert.gov/advisories/ICSA-18-100-02 • CWE-118: Incorrect Access of Indexable Resource ('Range Error') CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7513 – OMRON CX-Supervisor SCS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7513
21 Mar 2018 — In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow. En las versiones 3.30 y anteriores de Omron CX-Supervisor, el análisis de archivos de proyecto mal formados puede provocar un desbordamiento de búfer basado en pila. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious pag... • http://www.securityfocus.com/bid/103394 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7515 – OMRON CX-Supervisor SCS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7515
21 Mar 2018 — In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities can be exploited when CX Supervisor indirectly calls an initialized pointer when parsing malformed packets. En las versiones 3.30 y anteriores de Omron CX-Supervisor, se puede explotan vulnerabilidades de acceso de puntero no inicializado cuando CX-Supervisor llama de forma indirecta a un puntero no inicializado al analizar paquetes mal formados. This vulnerability allows remote attackers to execute arbitrary cod... • http://www.securityfocus.com/bid/103394 • CWE-256: Plaintext Storage of a Password CWE-824: Access of Uninitialized Pointer •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7517 – OMRON CX-Supervisor SCS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7517
21 Mar 2018 — In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability. En las versiones 3.30 y anteriores de Omron CX-Supervisor, el análisis de archivos de proyecto mal formados puede provocar una vulnerabilidad fuera de límites. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or ... • http://www.securityfocus.com/bid/103394 • CWE-787: Out-of-bounds Write •