Lucene search
K
MicrosysPromotic

6 matches found

CVE
CVE
added 2013/05/23 5:0 p.m.59 views

CVE-2011-4520

PROMOTIC ActiveX heap overflow (CVE-2011-4520) affects MICROSYS PROMOTIC

4.3CVSS7.1AI score0.0234EPSS
CVE
CVE
added 2013/05/23 5:0 p.m.57 views

CVE-2011-4518

CVE-2011-4518 is a directory traversal vulnerability in the PROMOTIC web server’s PmWebDir object, affecting MICROSYS PROMOTIC before 8.1.5. Remote attackers could read arbitrary files via unspecified vectors. Multiple sources (Red Hat, NVD/NVD-linked references, ICS-CERT) corroborate the vulnera...

5CVSS6.8AI score0.26385EPSS
CVE
CVE
added 2015/03/29 10:0 a.m.57 views

CVE-2014-9205

CVE-2014-9205 affects MICROSYS PROMOTIC: stack-based buffer overflow in the PmBase64Decode function in a demonstration application. Vulnerable in PROMOTIC stable prior to 8.2.19 and development prior to 8.3.2. Attackers can remotely execute arbitrary code by sending large data; ZDI assigns CVSSv2...

7.5CVSS8.3AI score0.0484EPSS
CVE
CVE
added 2013/05/23 5:0 p.m.56 views

CVE-2011-4519

CVE-2011-4519 affects MICROSYS PROMOTIC before 8.1.5, where an ActiveX component contains a stack overflow vulnerability. A crafted HTML page can remotely trigger a denial of service on affected clients. Public analysis across multiple feeds confirms the ActiveX stack overflow, with remediation g...

4.3CVSS7.1AI score0.0234EPSS
CVE
CVE
added 2016/01/26 7:0 p.m.51 views

CVE-2016-0869

The CVE-2016-0869 vulnerability affects MICROSYS PROMOTIC prior to version 8.3.11. It is a heap-based buffer overflow in the HTML handling that can be triggered by a user loading a malformed HTML document, leading to a denial of service. Connected advisories (ICS-CERT ICSA-16-026-01) confirm memo...

7.1CVSS5.1AI score0.01045EPSS
CVE
CVE
added 2012/04/13 10:0 a.m.47 views

CVE-2011-4874

CVE-2011-4874 affects MICROSYS PROMOTIC before 8.1.7. A use-after-free in handling a crafted project file (.pra) can lead to arbitrary code execution or data corruption with application crash. Affected products: PROMOTIC versions prior to 8.1.7. Exploitation is not remotely exploitable per ICS-CE...

7.9CVSS8.1AI score0.01528EPSS