Описание
Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-8514. NOTE: this may be clarified later based on details provided by researchers.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- PatchThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 6.0.1 (включая)
cpe:2.3:a:schneider_electric:proclima:*:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.17944
Средний
10 Critical
CVSS2
9 Critical
CVSS2
Дефекты
CWE-77
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-8514. NOTE: this may be clarified later based on details provided by researchers.
EPSS
Процентиль: 95%
0.17944
Средний
10 Critical
CVSS2
9 Critical
CVSS2
Дефекты
CWE-77
CWE-119