CVE-2014-0773

2014-04-12T00:37:31
ID CVE-2014-0773
Type cve
Reporter NVD
Modified 2014-04-14T13:56:26

Description

The CreateProcess method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to execute (1) setup.exe, (2) bwvbprt.exe, and (3) bwvbprtl.exe programs from arbitrary pathnames via a crafted argument, as demonstrated by a UNC share pathname.