kitchenkvm.blogg.se

This allows an attacker to exploit a Stored Cross-Site Scripting (XSS) vulnerability when a user browses through the employee directory and to execute arbitrary code on the victim's browser. Under certain conditions, SAP Contact Center - version 700,does not sufficiently encode user-controlled inputs and persists in them. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must visit an attacker controlled web page.Īcrobat Reader DC ActiveX Control versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page.Īcrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability. Remote attackers can use this vulerability to encourage users to access crafted web pages, causing damage such as malicious code infections.Īcrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Information Disclosure vulnerability.

Origin validation error vulnerability in NeoRS’s ActiveX moudle allows attackers to download and execute arbitrary files. Measuresoft ScadaPro Server (Versions prior to 6.8.0.1) uses an unmaintained ActiveX control, which may allow an out-of-bounds write condition while processing a specific project file.

The controls may allow seven untrusted pointer deference instances while processing a specific project file. Measuresoft ScadaPro Server (All Versions) uses unmaintained ActiveX controls. These controls may allow two stack-based buffer overflow instances while processing a specific project file.