147 matches found
Xxe
XML external entity XXE vulnerability in the WebHMI server in Yokogawa Electric Corporation FAST/TOOLS before R9.05-SP2 allows local users to cause a denial of service CPU or network traffic consumption or read arbitrary files via unspecified vectors...
CVE-2014-7251
XML external entity XXE vulnerability in the WebHMI server in Yokogawa Electric Corporation FAST/TOOLS before R9.05-SP2 allows local users to cause a denial of service CPU or network traffic consumption or read arbitrary files via unspecified vectors...
CVE-2014-7251
The CVE-2014-7251 entry describes an XML External Entity (XXE) vulnerability in Yokogawa FAST/TOOLS WebHMI server prior to R9.05-SP2. The root cause is improper restriction of XML external entities (CWE-611), which could allow a local attacker to cause DoS via CPU/network load or read arbitrary f...
FAST/TOOLS vulnerable to improper restriction of XML external entity references
Overview FAST/TOOLS provided by Yokogawa Electric Corporation contains a vulnerability where XML external entity XXE references are not properly restricted CWE-611. Timur Yunusov, Alexey Osipov and Ilya Karpov of Positive Technologies reported this vulnerability to JPCERT/CC. JPCERT/CC coordinate...
JVN#54775800: FAST/TOOLS vulnerable to improper restriction of XML external entity references
FAST/TOOLS provided by Yokogawa Electric Corporation contains a vulnerability where XML external entity XXE references are not properly restricted CWE-611. Impact When opening a project with a specially crafted XML file, information managed by the product may be disclosed or may become a victim o...
Yokogawa FAST/TOOLS XML External Entity
OVERVIEW Timur Yunusov, Alexey Osipov, and Ilya Karpov of Positive Technologies Inc. have identified an XML external entity processing vulnerability in the Yokogawa FAST/TOOLS application. Yokogawa has produced a service pack that mitigates this vulnerability. AFFECTED PRODUCTS The following...
PT-2014-64: XML External Entity Injection in Yokogawa FAST/TOOLS
The specialists of the Positive Research center have detected an XML External Entity Injection vulnerability in the Yokogawa FAST/TOOLS application. A local attacker can trick the WebHMI server into sending data to an outside computer. This vulnerability can also increase the load of the WebHMI...