CVE-2019-10967

In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a stack-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long file name from the LIST command to the FTP service, which may cause the service to overwrite buffers, leading to remote...

CVE-2019-10967

The CVE-2019-10967 entry concerns Emerson Ovation OCR400 Controller with OCR400 v3.3.1 or earlier. A stack-based buffer overflow in the embedded third‑party FTP server arises from improper handling of a long file name in the LIST command, potentially overwriting buffers and enabling remote code e...

CVE-2019-10965

In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a heap-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long command to the FTP service, which may cause memory corruption that halts the controller or leads to remote code execution...

Emerson Ovation OCR400 Controller

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Emerson Equipment: Ovation OCR400 Controller Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow...