Vulnerabilities > Eaton

DATE CVE VULNERABILITY TITLE RISK
2016-07-03 CVE-2016-4512 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Eaton Elcsoft 1.00.08/2.4.01
Stack-based buffer overflow in ELCSimulator in Eaton ELCSoft 2.4.01 and earlier allows remote attackers to execute arbitrary code via a long packet.
network
low complexity
eaton CWE-119
7.5
2016-07-03 CVE-2016-4509 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Eaton Elcsoft 1.00.08/2.4.01
Heap-based buffer overflow in elcsoft.exe in Eaton ELCSoft 2.4.01 and earlier allows remote authenticated users to execute arbitrary code via a crafted file.
network
eaton CWE-119
6.0
2015-12-23 CVE-2015-6471 Information Exposure vulnerability in Eaton Proview
Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and IdeaPLUS relays does not properly initialize padding fields in Ethernet packets, which allows remote attackers to obtain sensitive information by reading packet data.
network
eaton CWE-200
4.3
2015-07-20 CVE-2014-9196 7PK - Security Features vulnerability in Eaton Proview
Eaton Cooper Power Systems ProView 4.0 and 5.0 before 5.0 11 on Form 6 controls and Idea and IdeaPLUS relays generates TCP initial sequence number (ISN) values linearly, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value.
network
eaton CWE-254
critical
9.3
2009-05-28 CVE-2008-6816 Improper Authentication vulnerability in Eaton Network Shutdown Module
Eaton MGEOPS Network Shutdown Module before 3.10 Build 13 allows remote attackers to execute arbitrary code by adding a custom action to the MGE frontend via pane_actionbutton.php, and then executing this action via exec_action.php.
network
low complexity
eaton CWE-287
critical
10.0