Schneider Electric SoMachine HVAC AxEditGrid ActiveX Untrusted Pointer Dereference (CVE-2016-4529)
The vulnerability is due to a dereference of user-supplied SetDataIntf parameter value as a function pointer within the AxEditGrid ActiveX control. A remote, unauthenticated attacker could exploit this vulnerability by enticing a victim user to open a specially crafted web page. Successful...