Show filters
16 Total Results
Displaying 11-16 of 16
Sort by:
Attacker Value
Unknown
CVE-2014-0767
Disclosure Date: April 12, 2014 (last updated October 05, 2023)
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument.
0
Attacker Value
Unknown
CVE-2014-0770
Disclosure Date: April 12, 2014 (last updated October 05, 2023)
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long UserName parameter.
0
Attacker Value
Unknown
CVE-2014-0768
Disclosure Date: April 12, 2014 (last updated October 05, 2023)
Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode2 argument.
0
Attacker Value
Unknown
CVE-2014-0772
Disclosure Date: April 12, 2014 (last updated October 05, 2023)
The OpenUrlToBufferTimeout method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a file: URL.
0
Attacker Value
Unknown
CVE-2014-0773
Disclosure Date: April 12, 2014 (last updated October 05, 2023)
The CreateProcess method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to execute (1) setup.exe, (2) bwvbprt.exe, and (3) bwvbprtl.exe programs from arbitrary pathnames via a crafted argument, as demonstrated by a UNC share pathname.
0
Attacker Value
Unknown
CVE-2013-2299
Disclosure Date: August 22, 2013 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in Advantech WebAccess (formerly BroadWin WebAccess) before 7.1 2013.05.30 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
0
