Lucene search
Steven Seeley of Source InciteZDI-15-577HistoryDec 02, 2015 - 12:00 a.m.
Unitronics VisiLogic OPLC IDE TeePreviewer.ITeePreviewer ActiveX Control ChartLink Remote Code Execution Vulnerability
2015-12-0200:00:00
Steven Seeley of Source Incite
www.zerodayinitiative.com
12
EPSS
0.164
Percentile
96.1%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Unitronics VisiLogic OPLC IDE. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the TeePreviewer object in TeeChart5.ocx. The ChartLink accessor of the object takes a user-supplied integer and interprets it as an address, which can cause arbitrary memory to be interpreted as an object. An attacker can leverage this vulnerability to execute arbitrary code under the context of the user.
Related
prion
prion
Code injection
2015-11-13 03:59:00
zdi
zdi
checkpoint_advisories
checkpoint_advisories
cvelist
cvelist
CVE-2015-6478
2015-11-13 02:00:00
cve
cve
CVE-2015-6478
2015-11-13 03:59:03
nvd
nvd
CVE-2015-6478
2015-11-13 03:59:03
ics
ics
Unitronics VisiLogic OPLC IDE Vulnerabilities (Update A)
2018-08-23 12:00:00