2 matches found
CVE-2022-3379
Horner Automation's Cscape version 9.90 SP7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by writing outside the memory buffer...
CVE-2022-3379
Summary: CVE-2022-3379 affects Horner Automation’s Cscape up to version 9.90 SP7 (and prior). The vulnerability arises from improper validation of user-supplied data in FNT file handling, enabling a local attacker to execute arbitrary code by writing outside the memory buffer when a malicious FNT...