CVE-2018-18993

CVE-2018-18993

Vendor N/A
Product CX-One (CX-Programmer and CX-Server)
Weakness CWE-121
Published December 4, 2018
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior). When processing project files, the application allows input data to exceed the buffer. An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the application.

Key dates

02Disclosure timeline

December 4, 2018 CVE published
August 5, 2024 Record updated

Related vulnerabilities

04Related CVE