Multiple Buffer Overflows in F1BookView ActiveX Control in Schneider Electric ProClima

Multiple Buffer Overflows in F1BookView ActiveX Control in Schneider Electric ProClima

CVE-2015-7918 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Multiple buffer overflows in the F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allow remote attackers to execute arbitrary code via the (1) Attach, (2) DefinedName, (3) DefinedNameLocal, (4) ODBCPrepareEx, (5) ObjCreatePolygon, (6) SetTabbedTextEx, or (7) SetValidationRule method, a different vulnerability than CVE-2015-8561.

Learn more about our Web Application Penetration Testing UK.