PT-2020-12228 · Visam+1 · Visam Vbase Web-Remote Module+2

Published

2020-04-03

Updated

2020-04-06

CVE-2020-10599

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions VISAM VBASE Editor version 11.5.0.2 VISAM VBASE Web-Remote Module

Description The issue is related to a vulnerable ActiveX component that can be exploited, resulting in a buffer overflow. This may lead to a denial-of-service condition and execution of arbitrary code.

Recommendations For VISAM VBASE Editor version 11.5.0.2, consider disabling the vulnerable ActiveX component to prevent exploitation until a patch is available. For VISAM VBASE Web-Remote Module, restrict access to the module to minimize the risk of exploitation.

Fix

Buffer Overflow

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120CWE-121

Related Identifiers

CVE-2020-10599

Affected Products

Activex

Visam Vbase Editor

Visam Vbase Web-Remote Module

PT-2020-12228 · Visam+1 · Visam Vbase Web-Remote Module+2

CVE-2020-10599

Weakness Enumeration

Related Identifiers

Affected Products

References · 4