EUVD-2015-6404

Malware in sbrugna...

PT-2024-37745 · Endress+Hauser · Fieldcare +1

Name of the Vulnerable Software and Affected Versions: Endress+Hauser products, including Echo Curve Viewer and FieldCare software affected versions not specified Description: An unauthenticated remote attacker can run malicious C code included in curve files and execute commands in the user's...

Endress+Hauser FieldCare CodeWrights HART Comm DTM Component Arbitrary File Read Vulnerability

Endress+Hauser FieldCare is a suite of applications for managing the FDT/DTM framework.CodeWrights HART Comm DTM is a component for providing communication protocol information to the FDT/DTM framework application. A security vulnerability in the CodeWrights HART Comm DTM group used by...

CVE-2015-6463

CodeWrights HART Comm DTM components, as used with Endress+Hauser FieldCare, allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via a longtag XML schema containing an external entity declaration in...

Xxe

CodeWrights HART Comm DTM components, as used with Endress+Hauser FieldCare, allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service CPU and memory consumption via a longtag XML schema containing an external entity declaration in...

CVE-2015-6463

CVE-2015-6463 concerns CodeWrights HART Comm DTM components used with Endress+Hauser FieldCare. The vulnerability arises from processing a longtag XML schema containing an external entity declaration and an entity reference (XXE), enabling a remote attacker to read arbitrary files, issue HTTP req...