CVE-2018-19019
EUVD-2018-1073722.01.2019, 20:29
A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| omron | cx-supervisor | 𝑥 ≤ 3.42 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')The program allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.
- CWE-704 - Incorrect Type Conversion or CastThe software does not correctly convert an object, resource, or structure from one type to a different type.