15 matches found
EUVD-2018-9666
Malware in sbrugna...
EUVD-2017-16879
Malware in sbrugna...
GE iFix Unauthorized Operation Vulnerability
iFIX is a GE Intelligent Platform GE-IP providing automation hardware and software solutions. A security vulnerability exists in the Gigasoft component of GE iFix. An attacker could exploit the vulnerability to perform unauthorized operations...
CVE-2018-17925
Multiple instances of this vulnerability Unsafe ActiveX Control Marked Safe For Scripting have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft. Only the independent use of the Gigasoft charting package outside the iFIX product may expose users ...
CVE-2018-17925
Multiple instances of this vulnerability Unsafe ActiveX Control Marked Safe For Scripting have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft. Only the independent use of the Gigasoft charting package outside the iFIX product may expose users ...
Design/Logic Flaw
Multiple instances of this vulnerability Unsafe ActiveX Control Marked Safe For Scripting have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft. Only the independent use of the Gigasoft charting package outside the iFIX product may expose users ...
CVE-2018-17925
Multiple instances of this vulnerability Unsafe ActiveX Control Marked Safe For Scripting have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft. Only the independent use of the Gigasoft charting package outside the iFIX product may expose users ...
CVE-2018-17925
CVE-2018-17925 concerns a vulnerability in the Gigasoft component of GE iFIX (ActiveX marked Safe For Scripting). Affected products include GE iFIX 2.0–5.0, 5.1, 5.5 and 5.8; older Gigasoft components may be used in other vendors’ products. The issue arises from an unsafe ActiveX control within t...
GE iFix
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Gigasoft component of iFix Vulnerability: Unsafe ActiveX Control Marked Safe For Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a buffer...
CVE-2017-7908
A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls...
CVE-2017-7908
A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls...
Heap overflow
A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls...
CVE-2017-7908
A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls...
CVE-2017-7908
CVE-2017-7908 is a heap-based buffer overflow in the Gigasoft ActiveX controls embedded in GE Communicator (v5 and earlier). A malicious HTML file loading these controls can trigger unchecked function calls, enabling arbitrary code execution (and possible DoS) as described for Communicator 3.15 a...
GE Communicator
1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Communicator Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Exploitation could allow attackers to execute arbitrary code or create a denial-of-service condition. 3...