Описание
Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1 ActiveX control (hclxweb.dll) in Hummingbird Xweb ActiveX Control 13.0 and earlier allows remote attackers to execute arbitrary code via a long PlainTextPassword property. NOTE: code execution might not be possible in 13.0.
Ссылки
- ExploitVendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 13.0 (включая)
Одно из
cpe:2.3:a:hummingbird:exceed:*:*:*:*:*:*:*:*
cpe:2.3:a:hummingbird:exceed:9.0:*:*:*:*:*:*:*
cpe:2.3:a:hummingbird:exceed:10.0:*:*:*:*:*:*:*
cpe:2.3:a:hummingbird:exceed:2006:*:*:*:*:*:*:*
cpe:2.3:a:hummingbird:exceed:2007:*:*:*:*:*:*:*
cpe:2.3:a:hummingbird:exceed_powersuite:*:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.08303
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1 ActiveX control (hclxweb.dll) in Hummingbird Xweb ActiveX Control 13.0 and earlier allows remote attackers to execute arbitrary code via a long PlainTextPassword property. NOTE: code execution might not be possible in 13.0.
EPSS
Процентиль: 92%
0.08303
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-119