CVE-2022-40984

Опубликовано: 24 окт. 2022

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Stack-based buffer overflow in WTViewerE series WTViewerE 761941 from 1.31 to 1.61 and WTViewerEfree from 1.01 to 1.52 allows an attacker to cause the product to crash by processing a long file name.

Ссылки

https://cdn.aff.yokogawa.com/8/756/details/Vulnerability_in_YOKOGAWA_application_software_WTViewerE_r0_e.pdf
Vendor Advisory
https://jvn.jp/en/vu/JVNVU99955870/index.html
Third Party Advisory
https://cdn.aff.yokogawa.com/8/756/details/Vulnerability_in_YOKOGAWA_application_software_WTViewerE_r0_e.pdf
Vendor Advisory
https://jvn.jp/en/vu/JVNVU99955870/index.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:yokogawa:wtviewere_761941:*:*:*:*:*:*:*:*

Версия от 1.31 (включая) до 1.62 (исключая)

cpe:2.3:a:yokogawa:wtviewerefree:*:*:*:*:*:*:*:*

Версия от 1.01 (включая) до 1.53 (исключая)

EPSS

Процентиль: 70%

0.00654

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-787

Связанные уязвимости

GHSA-w9r8-q59v-7xx4