Horner Automation's Cscape version 9.90 SP7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by writing outside the memory buffer.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2022-10-27T22:11:48.828Z

Updated: 2024-08-03T01:07:06.550Z

Reserved: 2022-09-30T16:59:00.522Z

Link: CVE-2022-3379

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-10-27T23:15:11.000

Modified: 2024-11-21T07:19:24.430

Link: CVE-2022-3379

cve-icon Redhat

No data.