Lucene search
CVE-2022-3378
Horner Automation's Cscape version 9.90 SP 7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer, leading to an out-of-bounds memory write
Show more
| Reporter | Title | Published | Views | Family All 5 |
|---|---|---|---|---|
 | CVE-2022-3378 | 27 Oct 202223:15 | – | nvd |
 | CVE-2022-3378 | 6 Feb 202500:53 | – | redhatcve |
 | Design/Logic Flaw | 27 Oct 202223:15 | – | prion |
 | CVE-2022-3378 | 27 Oct 202223:15 | – | cve |
 | Horner Automation Cscape | 4 Oct 202206:00 | – | ics |
[
{
"defaultStatus": "unaffected",
"product": "Cscape",
"vendor": "Horner Automation",
"versions": [
{
"lessThanOrEqual": "9.90",
"status": "affected",
"version": "0",
"versionType": "SP 7"
}
]
}
]| Source | Link |
|---|---|
| cisa | www.cisa.gov/uscert/ics/advisories/icsa-22-277-03 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo27 Oct 2022 22:13Current
8High risk
Vulners AI Score8
CVSS37.8
EPSS0.00356