Lucene search

[email protected]CVE-2013-5022

HistoryAug 06, 2013 - 8:55 p.m.

CVE-2013-5022

2013-08-0620:55:05

CWE-22

[email protected]

web.nvd.nist.gov

vulnerability

absolute path

traversal

national instruments

labwindows

cvi

3d graph

activex

labview

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.1%

JSON

Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value.

Affected configurations

NVD

Node

nilabviewRange≤2012

nilabwindowsRange≤2012

nimeasurementstudioRange≤2013

niteststandRange≤2012

CPENameOperatorVersion
ni:labviewni labviewle2012
ni:labwindowsni labwindowsle2012
ni:measurementstudioni measurementstudiole2013
ni:teststandni teststandle2012

CPE	Name	Operator	Version
ni:labview	ni labview	le	2012
ni:labwindows	ni labwindows	le	2012
ni:measurementstudio	ni measurementstudio	le	2013
ni:teststand	ni teststand	le	2012

References

digital.ni.com/public.nsf/allkb/782E4F31442D833186257BD3004AEB47?OpenDocument

digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument

digital.ni.com/public.nsf/websearch/C4619A438F7E78E486257B360050BD7D?OpenDocument

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.1%

JSON

Related for CVE-2013-5022

prion1 cvelist1 checkpoint_advisories1 nvd1