52 matches found
CVE-2022-2894
CVE-2022-2894 – Measuresoft ScadaPro Server is associated with unmaintained ActiveX controls that may permit seven untrusted pointer dereference instances when processing a specific project file. The affected product is Measuresoft ScadaPro Server (and Client per related advisories) across all ve...
CVE-2022-2896 Measuresoft ScadaPro Server Use After Free
Measuresoft ScadaPro Server All Versions allows use after free while processing a specific project file...
CVE-2022-2896
Measuresoft ScadaPro Server (All Versions) is affected by CVE-2022-2896 due to a use-after-free in processing a specific project file (ORM-related parsing). The vulnerability can lead to arbitrary code execution, as described by multiple sources (ZDI: remote code execution requiring user interact...
CVE-2022-2894 Measuresoft ScadaPro Server Untrusted Pointer Dereference
Measuresoft ScadaPro Server All Versions uses unmaintained ActiveX controls. The controls may allow seven untrusted pointer deference instances while processing a specific project file...
CVE-2022-2896 Measuresoft ScadaPro Server Use After Free
Measuresoft ScadaPro Server All Versions allows use after free while processing a specific project file...
CVE-2022-2892 Measuresoft ScadaPro Server Out-of-bounds Write
Measuresoft ScadaPro Server Versions prior to 6.8.0.1 uses an unmaintained ActiveX control, which may allow an out-of-bounds write condition while processing a specific project file...
CVE-2022-2892 Measuresoft ScadaPro Server Out-of-bounds Write
Measuresoft ScadaPro Server Versions prior to 6.8.0.1 uses an unmaintained ActiveX control, which may allow an out-of-bounds write condition while processing a specific project file...
CVE-2022-2895
CVE-2022-2895 affects Measuresoft ScadaPro Server (All Versions). The vulnerability stems from unmaintained ActiveX controls used by ScadaPro Server, enabling two stack-based buffer overflow instances while processing a specific project file. ZDI advisories describe remote code execution with use...
Measuresoft ScadaPro Server ORM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Measuresoft ScadaPro Server Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Measuresoft ScadaPro Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
PT-2022-4413 · Measuresoft · Measuresoft Scadapro Server
Name of the Vulnerable Software and Affected Versions: Measuresoft ScadaPro Server versions prior to 6.8.0.1 Description: The issue is related to an out-of-bounds write condition in the Measuresoft ScadaPro Server, potentially allowing an attacker to execute arbitrary code in the target system by...
Measuresoft ScadaPro Server Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Measuresoft ScadaPro Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
PT-2022-4634 · Measuresoft · Measuresoft Scadapro Server
Name of the Vulnerable Software and Affected Versions: Measuresoft ScadaPro Server All Versions Description: The issue is related to the use of unmaintained ActiveX controls in Measuresoft ScadaPro Server, which may lead to two stack-based buffer overflow instances when processing a specific...
Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Measuresoft ScadaPro Server Link Following Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Measuresoft ScadaPro Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exist...
PT-2022-4633 · Measuresoft · Measuresoft Scadapro Server
Name of the Vulnerable Software and Affected Versions: Measuresoft ScadaPro Server All Versions Description: The issue is related to the use of unmaintained ActiveX controls in Measuresoft ScadaPro Server, which may allow untrusted pointer deference instances while processing a specific project...
Measuresoft ScadaPro Server ORM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Measuresoft ScadaPro Server. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...