CVE-2019-3951
EUVD-2019-1355812.12.2019, 21:15
Advantech WebAccess before 8.4.3 allows unauthenticated remote attackers to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling IOCTL 70533 RPC messages.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| advantech | webaccess | 𝑥 < 8.4.3 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-121 - Stack-based Buffer OverflowA stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.