Microsys Promotic vulnerabilities
6 known vulnerabilities affecting microsys/promotic.
Total CVEs
6
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2011-4518P3MEDIUMCVSS 5.0PoC≤ 8.1.4v8.0.0+17 more2013-05-23
CVE-2011-4518 [MEDIUM] CWE-22 CVE-2011-4518: Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC befo
Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors.
nvd
CVE-2011-4519P4MEDIUMCVSS 4.3PoC≤ 8.1.4v8.0.0+17 more2013-05-23
CVE-2011-4519 [MEDIUM] CWE-119 CVE-2011-4519: Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote
Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
nvd
CVE-2014-9205P3HIGHCVSS 7.5≤ 8.2.18≤ 8.3.12015-03-29
CVE-2014-9205 [HIGH] CWE-119 CVE-2014-9205: Stack-based buffer overflow in the PmBase64Decode function in an unspecified demonstration applicati
Stack-based buffer overflow in the PmBase64Decode function in an unspecified demonstration application in MICROSYS PROMOTIC stable before 8.2.19 and PROMOTIC development before 8.3.2 allows remote attackers to execute arbitrary code by providing a large amount of data.
nvd
CVE-2011-4520P4MEDIUMCVSS 4.3PoC≤ 8.1.4v8.0.0+17 more2013-05-23
CVE-2011-4520 [MEDIUM] CWE-119 CVE-2011-4520: Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote a
Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
nvd
CVE-2011-4874P4HIGHCVSS 7.9≤ 8.1.6v8.0.0+19 more2012-04-13
CVE-2011-4874 [HIGH] CWE-399 CVE-2011-4874: Use-after-free vulnerability in MICROSYS PROMOTIC before 8.1.7 allows user-assisted remote attackers
Use-after-free vulnerability in MICROSYS PROMOTIC before 8.1.7 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (data corruption and application crash) via a crafted project (aka .pra) file.
nvd
CVE-2016-0869P4MEDIUMCVSS 5.0≤ 8.3.102016-01-26
CVE-2016-0869 [MEDIUM] CWE-119 CVE-2016-0869: Heap-based buffer overflow in MICROSYS PROMOTIC before 8.3.11 allows remote authenticated users to c
Heap-based buffer overflow in MICROSYS PROMOTIC before 8.3.11 allows remote authenticated users to cause a denial of service via a malformed HTML document.
nvd