CVE-2015-8561

CWE-119Buffer Overflow3 documents3 sources
Severity
6.8MEDIUM
EPSS
3.8%
top 11.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Schneider-electric Proclima
Timeline
PublishedDec 15
Latest updateMay 17

Description

The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted integer value to the (1) AttachToSS, (2) CopyAll, (3) CopyRange, (4) CopyRangeEx, or (5) SwapTable method, a different vulnerability than CVE-2015-7918.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-8jw8-h794-x973: The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 62022-05-17
CVEList
CVE-2015-8561: The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 62015-12-15
CVE-2015-8561 (MEDIUM CVSS 6.8) | The F1BookView ActiveX control in F | cvebase.io