Vulnerabilities > Advantech > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-09-20 | CVE-2014-0989 | Buffer Errors vulnerability in Advantech Webaccess 7.2 Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode2 parameter. | 6.8 |
| 2014-09-20 | CVE-2014-0988 | Buffer Errors vulnerability in Advantech Webaccess 7.2 Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode parameter. | 6.8 |
| 2014-09-20 | CVE-2014-0987 | Buffer Errors vulnerability in Advantech Webaccess 7.2 Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName2 parameter. | 6.8 |
| 2014-09-20 | CVE-2014-0986 | Buffer Errors vulnerability in Advantech Webaccess 7.2 Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the GotoCmd parameter. | 6.8 |
| 2014-09-20 | CVE-2014-0985 | Buffer Errors vulnerability in Advantech Webaccess 7.2 Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName parameter. | 6.8 |
| 2014-07-19 | CVE-2014-2368 | Information Exposure vulnerability in Advantech Webaccess 5.0/6.0/7.0 The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call. | 5.0 |
| 2014-07-19 | CVE-2014-2367 | Information Exposure vulnerability in Advantech Webaccess 5.0/6.0/7.0 The ChkCookie subroutine in an ActiveX control in broadweb/include/gChkCook.asp in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call. | 4.3 |
| 2014-07-19 | CVE-2014-2366 | Information Exposure vulnerability in Advantech Webaccess 5.0/6.0/7.0 upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenticated users to discover credentials by reading HTML source code. | 4.0 |
| 2014-07-19 | CVE-2014-2365 | Remote Code Execution vulnerability in Advantech Webaccess 5.0/6.0/7.0 Unspecified vulnerability in Advantech WebAccess before 7.2 allows remote authenticated users to create or delete arbitrary files via unknown vectors. | 5.5 |
| 2014-04-12 | CVE-2014-0772 | Information Exposure vulnerability in Advantech Webaccess 5.0/6.0/7.0 The OpenUrlToBufferTimeout method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a file: URL. | 5.0 |