Описание
Multiple stack-based buffer overflows in the Earth Resource Mapping NCSView ActiveX control before 3.4.0.242 in NCSView.dll, as distributed in ER Mapper ECW JPEG 2000 Plug-in before 8.1, allow remote attackers to execute arbitrary code via unspecified vectors.
Ссылки
- Vendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- Vendor Advisory
- PatchThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 8 (включая)
cpe:2.3:a:er_mapper:image_web_server_ecw_jpeg_2000_plug-in:*:*:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.13574
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Multiple stack-based buffer overflows in the Earth Resource Mapping NCSView ActiveX control before 3.4.0.242 in NCSView.dll, as distributed in ER Mapper ECW JPEG 2000 Plug-in before 8.1, allow remote attackers to execute arbitrary code via unspecified vectors.
EPSS
Процентиль: 94%
0.13574
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119