Advantech WebAccess CVE-2014-9208 Multiple Stack Buffer Overflow Vulnerabilities

Advantech WebAccess is prone to multiple stack-based buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

An attacker can exploit these issues to execute arbitrary code in the context of an application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.

Advantech WebAccess 8.0 and prior are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus