CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2017-12706

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0970%
EPSS Percentile2.37th
Published2017年8月30日
Last Modified2026年5月13日

Vulnerability Description

A stack-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process.

Affected Platforms (CPE)

📦
Advantech

Webaccess

<= 8.2

References & Advisories

🔗 http://www.securityfocus.com/bid/100526
🔗 https://ics-cert.us-cert.gov/advisories/ICSA-17-241-02
🔗 http://www.securityfocus.com/bid/100526
🔗 https://ics-cert.us-cert.gov/advisories/ICSA-17-241-02

相關漏洞威脅

CVE-2007-217110.0

Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess before 7.0 SP2 allows ...

CVE-2010-471410.0

Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a lon...

CVE-2003-155110.0

Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "...

CVE-2011-404110.0

webvrpcs.exe in Advantech/BroadWin WebAccess allows remote attackers to execute arbitrary code or obtain a security-code value via...