Vulnerabilities > Advantech > Advantech Webaccess > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-02-21 | CVE-2011-4524 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0 Buffer overflow in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via a long string value in unspecified parameters. | 10.0 |
2012-02-21 | CVE-2011-4525 | Permissions, Privileges, and Access Controls vulnerability in Advantech Webaccess 5.0/6.0 Advantech/BroadWin WebAccess before 7.0 allows remote attackers to trigger the extraction of arbitrary web content into a batch file on a client system, and execute this batch file, via unspecified vectors. | 10.0 |
2012-02-21 | CVE-2011-4526 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0 Buffer overflow in an ActiveX control in Advantech/BroadWin WebAccess before 7.0 might allow remote attackers to execute arbitrary code via a long string value in unspecified parameters. | 10.0 |
2012-02-21 | CVE-2012-0238 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0 Stack-based buffer overflow in opcImg.asp in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2012-02-21 | CVE-2012-0240 | Improper Authentication vulnerability in Advantech Webaccess 5.0/6.0 GbScriptAddUp.asp in Advantech/BroadWin WebAccess before 7.0 does not properly perform authentication, which allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2012-02-21 | CVE-2012-0242 | USE of Externally-Controlled Format String vulnerability in Advantech Webaccess 5.0/6.0 Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via format string specifiers in a message string. | 10.0 |
2012-02-21 | CVE-2012-0243 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0 Buffer overflow in an ActiveX control in bwocxrun.ocx in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code by leveraging the ability to write arbitrary content to any pathname. | 10.0 |