Schneider Electric ProClima MetaDraw ArrangeObjects Memory Corruption (CVE-2014-9188)
A code execution vulnerability has been reported in Schneider Electric ProClima. The vulnerability is due to the dereferencing of an attacker supplied memory address by the MetaDraw ActiveX control's ArrangeObjects method. A remote unauthenticated attacker could exploit this vulnerability by...