GE Communicator

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: General Electric Equipment: Communicator Vulnerabilities: Uncontrolled Search Path, Use of Hard-coded Credentials, Improper Access Controls 2. RISK EVALUATION Successful exploitation of these...

Authentication flaw

Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication component that could allow a local attacker to decrypt sensitive information. Affected versions include all 6.2.x versions prior to 6.2 SP13...

CVE-2019-7006

Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication component that could allow a local attacker to decrypt sensitive information. Affected versions include all 6.2.x versions prior to 6.2 SP13...

CVE-2019-7006

This CVE affects Avaya one-X Communicator where the vulnerability resides in the client authentication component, using weak cryptographic algorithms. The issue could allow a local attacker to decrypt sensitive information. Affected versions are all 6.2.x prior to 6.2 SP13; remediation is to upgr...

CVE-2017-7908

A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls...

Heap overflow

A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls...

CVE-2017-7908

A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls...

CVE-2017-7908

CVE-2017-7908 is a heap-based buffer overflow in the Gigasoft ActiveX controls embedded in GE Communicator (v5 and earlier). A malicious HTML file loading these controls can trigger unchecked function calls, enabling arbitrary code execution (and possible DoS) as described for Communicator 3.15 a...

CVE-2017-7908

A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls...

GE Communicator

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Communicator Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Exploitation could allow attackers to execute arbitrary code or create a denial-of-service condition. 3...

Description of the cumulative update package for Communicator 2007 R2: June, 2011

Describes the bugs that are fixed in the June, 2011 cumulative update package for Communicator 2007 R2.SummaryThis article describes the Microsoft Office Communicator 2007 R2 issues that are fixed in the update for Communicator 2007 R2 that is dated June, 2011.This article describes the following...

Description of the cumulative update package for Communicator 2007 R2: July 2010

Describes the issues that are fixed in the July, 2010 cumulative update package for Communicator 2007 R2.SummaryThis article describes the Microsoft Office Communicator 2007 R2 issues that are fixed in the update for Communicator 2007 R2 that is dated July 2010.This article describes the followin...

Description of the update for Communicator 2007 R2: Oct 2009

Provides information about the update for Communicator 2007 R2 that is dated Oct 2009.SummaryThis article describes the Microsoft Office Communicator 2007 R2 issues that are fixed in the update for Communicator 2007 R2 that is dated Oct 2009.This article describes the following items about the...

Description of the cumulative update package for Communicator 2007 R2: April 2010

Describes the issues that are fixed in the cumulative update package for Communicator 2007 R2: April 2010.SummaryThis article describes the Microsoft Office Communicator 2007 R2 issues that are fixed in the update for Communicator 2007 R2 that is dated April 2010.This article describes the...

Description of the Communicator 2007 R2 cumulative update: January 2010

Describes the issue that is fixed in the Communicator 2007 R2 cumulative update that is dated January 2010.SummaryThis article describes the Microsoft Office Communicator 2007 R2 issue that is fixed in the cumulative update that is dated January 2010.This article describes the following items abo...

Exploiting ShoreTel Communicator through Situational Awareness

The post Exploiting ShoreTel Communicator through Situational Awareness appeared first on Rhino Security Labs...

GE Communicator Heap Buffer Overflow Vulnerability

GE Communicator is an application for authoring and monitoring metering equipment. A security vulnerability in the handling of the GE Communicator ActiveX control allows remote attackers to exploit the vulnerability to submit a special request to execute arbitrary code in the context of the...

GE Communicator

CVSS v3 7.6 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: GE Equipment: Communicator Vulnerability: Heap-Based Buffer Overflow AFFECTED PRODUCTS The following versions of Communicator, an application for programming and monitoring supported metering devices, are affected:...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Qualcomm Secure Execution Environment Communicator driver for the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the kernel context from a local malicious...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Qualcomm Secure Execution Environment Communicator driver for the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the kernel context from a local malicious...