Lucene search
Steven Seeley of Source InciteZDI-16-337HistoryMay 11, 2016 - 12:00 a.m.
Panasonic FPWIN Pro SCTASK Out-Of-Bounds Write Remote Code Execution Vulnerability
2016-05-1100:00:00
Steven Seeley of Source Incite
www.zerodayinitiative.com
16
0.001 Low
EPSS
Percentile
20.4%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Panasonic FPWIN Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of a project file. A specially-crafted project file will lead to the construction of an SCTASK object followed by writes to the object that are outside its bounds. An attacker can leverage this vulnerability to attain code execution under the context of the current process.
Related
zdi
zdi
cvelist
cvelist
CVE-2016-4496
2016-05-12 01:00:00
nvd
nvd
CVE-2016-4496
2016-05-12 01:59:11
cve
cve
CVE-2016-4496
2016-05-12 01:59:11
prion
prion
Integer overflow
2016-05-12 01:59:00
nessus
nessus
Panasonic FPWIN Pro 5.x < 7.130 Multiple Vulnerabilities
2016-06-15 00:00:00
openvas
openvas
Panasonic FPWIN Pro Multiple Vulnerabilities
2016-09-01 00:00:00
ics
ics
Panasonic FPWIN Pro Vulnerabilities
2018-08-23 12:00:00