The affected product does not properly validate user-supplied data. If a user opens a maliciously formed CSP file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HHornerautomation Cscape
APPHornerautomation9.90Hornerautomation Cscape Envisionrv
APPHornerautomation4.70
Powiązane podatności
In Horner Automation Cscape versions 9.90 SP10 and prior, local attackers are able to exploit this vulnerabil...
The affected application lacks proper validation of user-supplied data when parsing font files ...
The affected application lacks proper validation of user-supplied data when parsing project files (e.g....
The affected application lacks proper validation of user-supplied data when parsing project f...
Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI)....