6 matches found
CVE-2011-4520
PROMOTIC ActiveX heap overflow (CVE-2011-4520) affects MICROSYS PROMOTIC
CVE-2011-4518
CVE-2011-4518 is a directory traversal vulnerability in the PROMOTIC web server’s PmWebDir object, affecting MICROSYS PROMOTIC before 8.1.5. Remote attackers could read arbitrary files via unspecified vectors. Multiple sources (Red Hat, NVD/NVD-linked references, ICS-CERT) corroborate the vulnera...
CVE-2014-9205
CVE-2014-9205 affects MICROSYS PROMOTIC: stack-based buffer overflow in the PmBase64Decode function in a demonstration application. Vulnerable in PROMOTIC stable prior to 8.2.19 and development prior to 8.3.2. Attackers can remotely execute arbitrary code by sending large data; ZDI assigns CVSSv2...
CVE-2011-4519
CVE-2011-4519 affects MICROSYS PROMOTIC before 8.1.5, where an ActiveX component contains a stack overflow vulnerability. A crafted HTML page can remotely trigger a denial of service on affected clients. Public analysis across multiple feeds confirms the ActiveX stack overflow, with remediation g...
CVE-2016-0869
The CVE-2016-0869 vulnerability affects MICROSYS PROMOTIC prior to version 8.3.11. It is a heap-based buffer overflow in the HTML handling that can be triggered by a user loading a malformed HTML document, leading to a denial of service. Connected advisories (ICS-CERT ICSA-16-026-01) confirm memo...
CVE-2011-4874
CVE-2011-4874 affects MICROSYS PROMOTIC before 8.1.7. A use-after-free in handling a crafted project file (.pra) can lead to arbitrary code execution or data corruption with application crash. Affected products: PROMOTIC versions prior to 8.1.7. Exploitation is not remotely exploitable per ICS-CE...