CVE

Id
87150  
CVE No.
CVE-2016-0854  
Status
Candidate  
Description
Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess before 8.1 allows remote attackers to write to files of arbitrary types via unspecified vectors.  
Phase
Assigned (20151217)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
762806 87150 CVE-2016-0854 EXPLOIT-DB:39735  View
762807 87150 CVE-2016-0854 URL:https://www.exploit-db.com/exploits/39735/  View
762808 87150 CVE-2016-0854 MISC:https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01  View
762809 87150 CVE-2016-0854 MISC:http://www.rapid7.com/db/modules/exploit/windows/scada/advantech_webaccess_dashboard_file_upload  View
762810 87150 CVE-2016-0854 MISC:http://www.zerodayinitiative.com/advisories/ZDI-16-127  View
762811 87150 CVE-2016-0854 MISC:http://www.zerodayinitiative.com/advisories/ZDI-16-128  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
275 JVNDB-2016-001048 Windows および Mac OS X 上で稼働する Adobe Reader および Acrobat における任意のコードを実行される脆弱性 Windows および Mac OS X 上で稼働する Adobe Reader および Acrobat には、任意のコードを実行される、またはサービス運用妨害 (メモリ破損) 状態にされる脆弱性が存在します。 CVE-2016-0946 87150 10 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-001048.html  View