5 matches found
CVE-2019-6530
CVE-2019-6530 affects Panasonic FPWIN Pro software (version 7.3.0.0 and earlier). The flaw is a heap-based buffer overflow in parsing attacker-created PRO project files, caused by insufficient validation of user-supplied data before copying to a heap buffer, enabling remote code execution. ZDI ad...
CVE-2019-6532
Panasonic FPWIN Pro is affected by CVE-2019-6532 (and related CVE-2019-6530) due to a PRO file parsing flaw that can trigger a type confusion in a loaded attacker-created project file. The vulnerability is in FPWIN Pro version 7.3.0.0 and earlier and may allow remote code execution when an authen...
CVE-2023-28729
Panasonic Control FPWIN Pro is affected by CVE-2023-28729 (type confusion) in versions 7.6.0.3 and earlier. The vulnerability arises from incorrect handling of a resource type, enabling arbitrary code execution when a user opens a specially crafted project file. Local attack with user interaction...
CVE-2023-28730
CVE-2023-28730 concerns Panasonic Control FPWIN Pro. A memory corruption vulnerability affects FPWIN Pro versions 7.6.0.3 and earlier, potentially allowing arbitrary code execution when opening specially crafted project files. The CVSS v3.1 base score is 7.8 (High) with LOCAL attack vector, LOW a...
CVE-2023-28728
Panasonic Control FPWIN Pro7 is affected by CVE-2023-28728 (stack-based buffer overflow) in versions 7.6.0.3 and earlier, potentially allowing arbitrary code execution when opening specially crafted project files. Affected product is Control FPWIN Pro7; underlying issue is a stack-based overflow....