In Schneider Electric U.motion Builder software versions prior to v1.3.4, this exploit occurs when the submitted data of an input string is evaluated as a command by the application. In this way, the attacker could execute code, read the stack, or cause a segmentation fault in the running application.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: schneider
Published: 2018-07-03T14:00:00Z
Updated: 2024-09-16T19:35:35.515Z
Reserved: 2018-03-08T00:00:00
Link: CVE-2018-7784
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-07-03T14:29:01.523
Modified: 2019-09-30T13:37:24.677
Link: CVE-2018-7784
Redhat
No data.