An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page.Īcrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. Remote attackers can use this vulerability to encourage users to access crafted web pages, causing damage such as malicious code infections.Īcrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. Origin validation error vulnerability in NeoRS’s ActiveX moudle allows attackers to download and execute arbitrary files. Measuresoft ScadaPro Server (Versions prior to 6.8.0.1) uses an unmaintained ActiveX control, which may allow an out-of-bounds write condition while processing a specific project file. The controls may allow seven untrusted pointer deference instances while processing a specific project file. Measuresoft ScadaPro Server (All Versions) uses unmaintained ActiveX controls. These controls may allow two stack-based buffer overflow instances while processing a specific project file. These services were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents. Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms & Events)) were used per default. Microsoft ActiveX Remote Code Execution VulnerabilityĪ vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions < V8.0), SINAUT Software ST7sc (All versions).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |