Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-10967 | 1 Emerson | 2 Ovation Ocr400, Ovation Ocr400 Firmware | 2020-10-01 | 6.5 MEDIUM | 8.8 HIGH |
In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a stack-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long file name from the LIST command to the FTP service, which may cause the service to overwrite buffers, leading to remote code execution and escalation of privileges. | |||||
CVE-2019-10965 | 1 Emerson | 2 Ovation Ocr400, Ovation Ocr400 Firmware | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a heap-based buffer overflow vulnerability in the embedded third-party FTP server involves improper handling of a long command to the FTP service, which may cause memory corruption that halts the controller or leads to remote code execution and escalation of privileges. |