CVE-2014-2364

CVE-2014-2364: Advantech WebAccess Stack-Based Buffer Overflow

Vendor Advantech
Product WebAccess
Weakness CWE-121
Published July 19, 2014
Last update October 6, 2025

CVSS base score

What the vulnerability does

01Description

Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) CCDParameter, (5) SetColor, (6) AlarmImage, (7) GetParameter, (8) GetColor, (9) ServerResponse, (10) SetBaud, or (11) IPAddress parameter to an ActiveX control in (a) webvact.ocx, (b) dvs.ocx, or (c) webdact.ocx.

Key dates

02Disclosure timeline

July 19, 2014 CVE published
October 6, 2025 Record updated

Related vulnerabilities

04Related CVE