Описание
Multiple buffer overflows in the F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allow remote attackers to execute arbitrary code via the (1) Attach, (2) DefinedName, (3) DefinedNameLocal, (4) ODBCPrepareEx, (5) ObjCreatePolygon, (6) SetTabbedTextEx, or (7) SetValidationRule method, a different vulnerability than CVE-2015-8561.
Multiple buffer overflows in the F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allow remote attackers to execute arbitrary code via the (1) Attach, (2) DefinedName, (3) DefinedNameLocal, (4) ODBCPrepareEx, (5) ObjCreatePolygon, (6) SetTabbedTextEx, or (7) SetValidationRule method, a different vulnerability than CVE-2015-8561.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-7918
- https://ics-cert.us-cert.gov/advisories/ICSA-15-335-02
- http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-329-01
- http://www.zerodayinitiative.com/advisories/ZDI-15-625
- http://www.zerodayinitiative.com/advisories/ZDI-15-630
- http://www.zerodayinitiative.com/advisories/ZDI-15-631
- http://www.zerodayinitiative.com/advisories/ZDI-15-632
- http://www.zerodayinitiative.com/advisories/ZDI-15-633
- http://www.zerodayinitiative.com/advisories/ZDI-15-634
- http://www.zerodayinitiative.com/advisories/ZDI-15-635
Связанные уязвимости
Multiple buffer overflows in the F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allow remote attackers to execute arbitrary code via the (1) Attach, (2) DefinedName, (3) DefinedNameLocal, (4) ODBCPrepareEx, (5) ObjCreatePolygon, (6) SetTabbedTextEx, or (7) SetValidationRule method, a different vulnerability than CVE-2015-8561.