Advantech WebAccess bwocxrun.ocx CreateProcess Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Advantech WebAccess SCADA bwocxrun.ocx Command Execution (CVE-2014-0773)

A command execution vulnerability has been reported in Advantech WebAccess SCADA software. The vulnerability is due to insufficient input validation while parsing the first parameter of the bwocxrun.ocx ActiveX control. A remote, unauthenticated attacker could exploit this vulnerability by entici...

Advantech WebAccess bwocxrun.ocx任意文件访问漏洞

CVE ID:CVE-2014-0771 Advantech WebAccess HMI/SCADA是一款HMI/SCADA软件。 Advantech WebAccess BWOCXRUN.BwocxrunCtrl.1 ActiveX控件bwocxrun.ocx中的OpenUrlToBuffer方法存在安全漏洞，由于程序不正确对'file://' URL进行校验，允许攻击者访问任意文件。 0 Advantech WebAccess 7.1 Advantech WebAccess 7.2版本已修复该漏洞，建议用户下载使用： http://webaccess.advantech.com/...

Buffer overflow

The OpenUrlToBuffer method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a file: URL...

Advantech / BroadWin WebAccess Client 'bwocxrun.ocx ' Multiple Remote Vulnerabilities

Binary data scadaadvantechbwocxrun.nbin...