A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted input file can lead to remote code execution. This is not the same as any of: CVE-2021-21810, CVE-2021-21811, CVE-2021-21812, CVE-2021-21815, CVE-2021-21825, CVE-2021-21826, CVE-2021-21828, CVE-2021-21829, or CVE-2021-21830. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HAtt Xmill
APPAtt0.7Schneider Electric Ecostruxure Control Expert
APPSchneider-Electric15.1< 15.1Schneider Electric Ecostruxure Process Expert
APPSchneider-Electric< 2021Schneider Electric Remoteconnect
APPSchneider-Electricwszystkie wersjeSchneider Electric Scadapack 470
HWSchneider-Electricwszystkie wersjeSchneider Electric Scadapack 474
HWSchneider-Electricwszystkie wersjeSchneider Electric Scadapack 570
HWSchneider-Electricwszystkie wersjeSchneider Electric Scadapack 574
HWSchneider-Electricwszystkie wersjeSchneider Electric Scadapack 575
HWSchneider-Electricwszystkie wersje
Powiązane podatności
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unaut...
A memory corruption vulnerability exists in the XML-parsing CreateLabelOrAttrib functionality of AT&T Labs’ Xm...
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT...
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT...
A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT...