2 matches found
Natus Xltek NeuroWorks
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Natus Medical, Inc. Natus Equipment: Natus Xltek NeuroWorks software Vulnerabilities: Stack-Based Buffer Overflow, Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of these...
CVE-2017-2853
CVE-2017-2853 affects Natus Xltek NeuroWorks 8. During processing of the command RequestForPatientInfoEEGfile, the NWStorage component builds a file path from a client-supplied value and uses a stack buffer in a sprintf call, which can overflow and overwrite the SEH chain. This leads to remote co...