Stack-based buffer overflow in the ERM_convert_to_correct_webpath function in ermapper_u.dll in ERDAS ER Viewer before 13.00.0001 allows remote attackers to execute arbitrary code via a crafted pathname in an ERS file.
8.1AI Score
0.93EPSS
Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin before 13.00.0001 for Internet Explorer, Firefox, and Chrome allow remote attackers to execute arbitrary code via a long property value.
8AI Score
0.02EPSS
Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in an ERS file.
8.3AI Score
0.91EPSS
Stack-based buffer overflow in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ERS file.
8.3AI Score
0.032EPSS
Hexagon G!nius Auskunftsportal before 5.0.0.0 allows SQL injection via the GiPWorkflow/Service/DownloadPublicFile id parameter.
7.5CVSS
7.9AI Score
0.023EPSS