Vulnerabilities > Advantech > Webaccess > 6.0.2007.11.08
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-01-15 | CVE-2016-0860 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess Buffer overflow in the BwpAlarm subsystem in Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service via a crafted RPC request. | 10.0 |
| 2016-01-15 | CVE-2016-0859 | Numeric Errors vulnerability in Advantech Webaccess Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted RPC request. | 10.0 |
| 2016-01-15 | CVE-2016-0858 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess Race condition in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted request. | 9.3 |
| 2016-01-15 | CVE-2016-0857 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
| 2016-01-15 | CVE-2016-0856 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
| 2016-01-15 | CVE-2016-0855 | Path Traversal vulnerability in Advantech Webaccess Directory traversal vulnerability in Advantech WebAccess before 8.1 allows remote attackers to list arbitrary virtual-directory files via unspecified vectors. | 5.0 |
| 2016-01-15 | CVE-2016-0854 | Unspecified vulnerability in Advantech Webaccess Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess before 8.1 allows remote attackers to write to files of arbitrary types via unspecified vectors. | 10.0 |
| 2016-01-15 | CVE-2016-0853 | Information Exposure vulnerability in Advantech Webaccess Advantech WebAccess before 8.1 allows remote attackers to obtain sensitive information via crafted input. | 5.0 |
| 2016-01-15 | CVE-2016-0852 | Permissions, Privileges, and Access Controls vulnerability in Advantech Webaccess Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors. | 5.0 |
| 2016-01-15 | CVE-2016-0851 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service (out-of-bounds memory access) via unspecified vectors. | 7.8 |