CVE-2014-0771
Severity CVSS v4.0:
Pending analysis
Type:
CWE-200
Information Leak / Disclosure
Publication date:
12/04/2014
Last modified:
14/04/2014
Description
The OpenUrlToBuffer method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a file: URL.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:advantech:advantech_webaccess:*:*:*:*:*:*:*:* | 7.1 (including) | |
cpe:2.3:a:advantech:advantech_webaccess:5.0:*:*:*:*:*:*:* | ||
cpe:2.3:a:advantech:advantech_webaccess:6.0:*:*:*:*:*:*:* | ||
cpe:2.3:a:advantech:advantech_webaccess:7.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page