Описание
Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in an ERS file.
Ссылки
- Vendor Advisory
- Exploit
- Vendor Advisory
- Vendor Advisory
- Exploit
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 13.0.1.1298 (включая)
Одно из
cpe:2.3:a:hexagon:erdas_er_viewer:*:*:*:*:*:*:*:*
cpe:2.3:a:hexagon:erdas_er_viewer:11.04:*:*:*:*:*:*:*
cpe:2.3:a:hexagon:erdas_er_viewer:13.00.0001:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.6574
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in an ERS file.
EPSS
Процентиль: 98%
0.6574
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119