Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A heap-based buffer overflow exists in the third-party product Gigasoft, v5 and prior, included in GE Communicator 3.15 and prior. A malicious HTML file that loads the ActiveX controls can trigger the vulnerability via unchecked function calls.
CVSS Information
N/A
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
GE Communicator Gigasoft 缓冲区错误漏洞
Vulnerability Description
GE Communicator是美国通用电气(GE)公司的一款用于计量设备的编程和监测的应用程序。Gigasoft是使用在其中的一个图表组件。 GE Communicator 3.15及之前的版本中的Gigasoft 5及之前版本存在基于堆的缓冲区溢出漏洞,该漏洞源于程序没有充分的对用户提交的数据执行边界检测,导致复制数据的大小超过被分配的缓冲区空间。攻击者可借助恶意的HTML文件利用该漏洞执行任意代码或造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A