EUVD-2017-16879

Malware in sbrugna...

EUVD-2018-9666

Malware in sbrugna...

GE iFix Unauthorized Operation Vulnerability

iFIX is a GE Intelligent Platform GE-IP providing automation hardware and software solutions. A security vulnerability exists in the Gigasoft component of GE iFix. An attacker could exploit the vulnerability to perform unauthorized operations...

CVE-2018-17925

Multiple instances of this vulnerability Unsafe ActiveX Control Marked Safe For Scripting have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft. Only the independent use of the Gigasoft charting package outside the iFIX product may expose users ...

CVE-2018-17925

Multiple instances of this vulnerability Unsafe ActiveX Control Marked Safe For Scripting have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft. Only the independent use of the Gigasoft charting package outside the iFIX product may expose users ...

Design/Logic Flaw

Multiple instances of this vulnerability Unsafe ActiveX Control Marked Safe For Scripting have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft. Only the independent use of the Gigasoft charting package outside the iFIX product may expose users ...

CVE-2018-17925

CVE-2018-17925 concerns a vulnerability in the Gigasoft component of GE iFIX (ActiveX marked Safe For Scripting). Affected products include GE iFIX 2.0–5.0, 5.1, 5.5 and 5.8; older Gigasoft components may be used in other vendors’ products. The issue arises from an unsafe ActiveX control within t...

CVE-2018-17925

Multiple instances of this vulnerability Unsafe ActiveX Control Marked Safe For Scripting have been identified in the third-party ActiveX object provided to GE iFIX versions 2.0 - 5.8 by Gigasoft. Only the independent use of the Gigasoft charting package outside the iFIX product may expose users ...

GE iFix

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Gigasoft component of iFix Vulnerability: Unsafe ActiveX Control Marked Safe For Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a buffer...

CVE-2017-7908

A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls...

Heap overflow

A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls...

CVE-2017-7908

A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls...

CVE-2017-7908

CVE-2017-7908 is a heap-based buffer overflow in the Gigasoft ActiveX controls embedded in GE Communicator (v5 and earlier). A malicious HTML file loading these controls can trigger unchecked function calls, enabling arbitrary code execution (and possible DoS) as described for Communicator 3.15 a...

CVE-2017-7908

A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls...

GE Communicator

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: Communicator Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Exploitation could allow attackers to execute arbitrary code or create a denial-of-service condition. 3...