MEDIUM🇬🇧 English

CVE-2021-32972

CVSS 5.5v3.1pub. 2021-07-09upd. 2024-11-21

Panasonic FPWIN Pro, all Versions 7.5.1.1 and prior, allows an attacker to craft a project file specifying a URI that causes the XML parser to access the URI and embed the contents, which may allow the attacker to disclose information that is accessible in the context of the user executing software.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  • Panasonic Fpwin Pro

    APP
    Panasonic
    ≤ 7.5.1.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-6314HIGH7.8ten sam produkt

Stack-based buffer overflow in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to exec...

CVE-2023-6315HIGH7.8ten sam produkt

Out-of-bouds read vulnerability in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to ...

CVE-2020-16236HIGH7.8ten sam produkt

FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a user opens a maliciously crafted project...

CVE-2016-4496MEDIUM4.2ten sam produkt

Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (out-of-bound...

CVE-2016-4499MEDIUM4.2ten sam produkt

Heap-based buffer overflow in Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a d...

CVE-2021-32972 — MEDIUM 5.5 | CVEbaza.pl