Lucene search
K

147 matches found

Prion
Prion
added 2014/12/06 3:59 p.m.9 views

Xxe

XML external entity XXE vulnerability in the WebHMI server in Yokogawa Electric Corporation FAST/TOOLS before R9.05-SP2 allows local users to cause a denial of service CPU or network traffic consumption or read arbitrary files via unspecified vectors...

3.2CVSS6.9AI score0.00319EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/12/06 3:0 p.m.12 views

CVE-2014-7251

XML external entity XXE vulnerability in the WebHMI server in Yokogawa Electric Corporation FAST/TOOLS before R9.05-SP2 allows local users to cause a denial of service CPU or network traffic consumption or read arbitrary files via unspecified vectors...

6.3AI score0.00319EPSS
Exploits0References4
CVE
CVE
added 2014/12/06 3:0 p.m.41 views

CVE-2014-7251

The CVE-2014-7251 entry describes an XML External Entity (XXE) vulnerability in Yokogawa FAST/TOOLS WebHMI server prior to R9.05-SP2. The root cause is improper restriction of XML external entities (CWE-611), which could allow a local attacker to cause DoS via CPU/network load or read arbitrary f...

3.2CVSS6.5AI score0.00319EPSS
Exploits0References4Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/11/28 5:54 a.m.2 views

FAST/TOOLS vulnerable to improper restriction of XML external entity references

Overview FAST/TOOLS provided by Yokogawa Electric Corporation contains a vulnerability where XML external entity XXE references are not properly restricted CWE-611. Timur Yunusov, Alexey Osipov and Ilya Karpov of Positive Technologies reported this vulnerability to JPCERT/CC. JPCERT/CC coordinate...

3.2CVSS6.6AI score0.00319EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/11/28 12:0 a.m.19 views

JVN#54775800: FAST/TOOLS vulnerable to improper restriction of XML external entity references

FAST/TOOLS provided by Yokogawa Electric Corporation contains a vulnerability where XML external entity XXE references are not properly restricted CWE-611. Impact When opening a project with a specially crafted XML file, information managed by the product may be disclosed or may become a victim o...

3.2CVSS6.1AI score0.00319EPSS
Exploits0
ICS
ICS
added 2014/09/11 6:0 a.m.32 views

Yokogawa FAST/TOOLS XML External Entity

OVERVIEW Timur Yunusov, Alexey Osipov, and Ilya Karpov of Positive Technologies Inc. have identified an XML external entity processing vulnerability in the Yokogawa FAST/TOOLS application. Yokogawa has produced a service pack that mitigates this vulnerability. AFFECTED PRODUCTS The following...

3.2CVSS6.5AI score0.00319EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2012/11/20 12:0 a.m.5 views

PT-2014-64: XML External Entity Injection in Yokogawa FAST/TOOLS

The specialists of the Positive Research center have detected an XML External Entity Injection vulnerability in the Yokogawa FAST/TOOLS application. A local attacker can trick the WebHMI server into sending data to an outside computer. This vulnerability can also increase the load of the WebHMI...

3.2CVSS6.7AI score0.00319EPSS
Exploits0References5
Rows per page
Query Builder