Lucene search
Steven Seeley of Source InciteZDI-16-331HistoryMay 11, 2016 - 12:00 a.m.
Panasonic FPWIN Pro GetBlock Heap Buffer Overflow Remote Code Execution Vulnerability
2016-05-1100:00:00
Steven Seeley of Source Incite
www.zerodayinitiative.com
11
0.001 Low
EPSS
Percentile
30.0%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Panasonic FPWIN Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing of a project file. A specially-crafted project file will lead to a write beyond the end of a heap buffer in the GetBlock method of the HEAPSTREAM object. An attacker can leverage this vulnerability to attain code execution under the context of the current process.
Related
nvd
nvd
CVE-2016-4499
2016-05-12 01:59:14
cve
cve
CVE-2016-4499
2016-05-12 01:59:14
prion
prion
Heap overflow
2016-05-12 01:59:00
cvelist
cvelist
CVE-2016-4499
2016-05-12 01:00:00
zdi
zdi
openvas
openvas
Panasonic FPWIN Pro Multiple Vulnerabilities
2016-09-01 00:00:00
nessus
nessus
Panasonic FPWIN Pro 5.x < 7.130 Multiple Vulnerabilities
2016-06-15 00:00:00
ics
ics
Panasonic FPWIN Pro Vulnerabilities
2018-08-23 12:00:00