Vulnerabilities > Eaton > Elcsoft

DATE CVE VULNERABILITY TITLE RISK
2018-03-20 CVE-2018-7511 Improper Input Validation vulnerability in Eaton Elcsoft 1.00.08/2.4.01
In Eaton ELCSoft versions 2.04.02 and prior, there are multiple cases where specially crafted files could cause a buffer overflow which, in turn, may allow remote execution of arbitrary code.
local
low complexity
eaton CWE-20
5.3
2016-07-03 CVE-2016-4512 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Eaton Elcsoft 1.00.08/2.4.01
Stack-based buffer overflow in ELCSimulator in Eaton ELCSoft 2.4.01 and earlier allows remote attackers to execute arbitrary code via a long packet.
network
low complexity
eaton CWE-119
7.3
2016-07-03 CVE-2016-4509 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Eaton Elcsoft 1.00.08/2.4.01
Heap-based buffer overflow in elcsoft.exe in Eaton ELCSoft 2.4.01 and earlier allows remote authenticated users to execute arbitrary code via a crafted file.
network
high complexity
eaton CWE-119
6.0