PT-2019-12122 · Red Lion Controls · Crimson

Anthony Fuller

+2

·

Publicado

2019-09-05

·

Atualizado

2023-02-13

·

CVE-2019-10984

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Red Lion Controls Crimson versions 3.0 and prior Red Lion Controls Crimson version 3.1 prior to release 3112.00
Description The issue allows multiple vulnerabilities to be exploited when a valid user opens a specially crafted, malicious input file, causing the program to mishandle pointers. This can lead to remote code execution due to untrusted pointer dereference.
Recommendations For Red Lion Controls Crimson versions 3.0 and prior, update to a version later than 3.0 to resolve the issue. For Red Lion Controls Crimson version 3.1 prior to release 3112.00, update to release 3112.00 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-465

Identificadores relacionados

CVE-2019-10984
ZDI-19-786
ZDI-19-789
ZDI-19-791

Produtos afetados

Crimson