[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248364

 
 

909

 
 

195388

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-8561Date: (C)2015-12-15   (M)2023-12-22


The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted integer value to the (1) AttachToSS, (2) CopyAll, (3) CopyRange, (4) CopyRangeEx, or (5) SwapTable method, a different vulnerability than CVE-2015-7918.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-329-01
http://www.zerodayinitiative.com/advisories/ZDI-15-626
http://www.zerodayinitiative.com/advisories/ZDI-15-627
http://www.zerodayinitiative.com/advisories/ZDI-15-628
http://www.zerodayinitiative.com/advisories/ZDI-15-629
https://ics-cert.us-cert.gov/advisories/ICSA-15-335-02

CWE    1
CWE-119

© SecPod Technologies