CVE-2019-6556 – OMRON CX-One CX-Programmer CXP File Parsing Use-After-Free Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2019-6556

10 Apr 2019 — When processing project files, the application (Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior) fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. Al procesar archivos de proyecto, la aplicación (Omron CX-Programmer v9.70 y Common Components anteriores a enero de 2019) no comprueban si hacen referencia a la memoria liberada. Un atacante podría utilizar ... • https://ics-cert.us-cert.gov/advisories/ICSA-19-094-01 • CWE-416: Use After Free •