Описание
Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows user-assisted remote attackers to execute arbitrary code via a malformed file that triggers a "write access violation."
Ссылки
- Vendor Advisory
- Vendor Advisory
- US Government Resource
- US Government Resource
- Vendor Advisory
- Vendor Advisory
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 3.43 (включая)Версия до 3.42.835.0304 (включая)
Одно из
cpe:2.3:a:dreamreport:dream_report:*:*:*:*:*:*:*:*
cpe:2.3:a:dreamreport:dream_report:3.21:*:*:*:*:*:*:*
cpe:2.3:a:dreamreport:dream_report:3.41:*:*:*:*:*:*:*
cpe:2.3:a:dreamreport:dream_report:3.42:*:*:*:*:*:*:*
cpe:2.3:a:invensys:wonderware_hmi_reports:*:*:*:*:*:*:*:*
EPSS
Процентиль: 87%
0.0332
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows user-assisted remote attackers to execute arbitrary code via a malformed file that triggers a "write access violation."
EPSS
Процентиль: 87%
0.0332
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-264