Search criteria
6 vulnerabilities found for zoc by emtec
FKIE_CVE-2021-40147
Vulnerability from fkie_nvd - Published: 2021-08-26 16:15 - Updated: 2024-11-21 06:23
Severity ?
Summary
EmTec ZOC before 8.02.2 allows \e[201~ pastes, a different vulnerability than CVE-2021-32198.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.emtec.com/downloads/zoc/zoc_changes.txt | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.emtec.com/downloads/zoc/zoc_changes.txt | Release Notes, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emtec:zoc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7329D5E0-B70D-464D-AF54-F26CC1B729A6",
"versionEndExcluding": "8.02.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EmTec ZOC before 8.02.2 allows \\e[201~ pastes, a different vulnerability than CVE-2021-32198."
},
{
"lang": "es",
"value": "EmTec ZOC versiones anteriores a 8.02.2, permite el pegado de \\Ne[201~, una vulnerabilidad diferente de CVE-2021-32198."
}
],
"id": "CVE-2021-40147",
"lastModified": "2024-11-21T06:23:39.563",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-26T16:15:07.357",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.emtec.com/downloads/zoc/zoc_changes.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.emtec.com/downloads/zoc/zoc_changes.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-32198
Vulnerability from fkie_nvd - Published: 2021-06-06 12:15 - Updated: 2024-11-21 06:06
Severity ?
Summary
EmTec ZOC through 8.02.4 allows remote servers to cause a denial of service (Windows GUI hang) by telling the ZOC window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does not implement a usleep or similar delay upon processing a title change.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.emtec.com/downloads/zoc/zoc_changes.txt | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://pastebin.com/0xhrDvW0 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.emtec.com/downloads/zoc/zoc_changes.txt | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://pastebin.com/0xhrDvW0 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emtec:zoc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "753C4CA4-1E34-4889-848C-1FBBBE6920C1",
"versionEndIncluding": "8.02.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "EmTec ZOC through 8.02.4 allows remote servers to cause a denial of service (Windows GUI hang) by telling the ZOC window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does not implement a usleep or similar delay upon processing a title change."
},
{
"lang": "es",
"value": "EmTec ZOC hasta la versi\u00f3n 8.02.4 permite que los servidores remotos provoquen una denegaci\u00f3n de servicio (se cuelga la GUI de Windows) al decirle a la ventana ZOC que cambie su t\u00edtulo repetidamente a alta velocidad, lo que da como resultado muchas llamadas SetWindowTextA o SetWindowTextW. En otras palabras, no implementa un retraso de usleep o similar al procesar un cambio de t\u00edtulo."
}
],
"id": "CVE-2021-32198",
"lastModified": "2024-11-21T06:06:53.980",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-06T12:15:07.380",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.emtec.com/downloads/zoc/zoc_changes.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://pastebin.com/0xhrDvW0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.emtec.com/downloads/zoc/zoc_changes.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://pastebin.com/0xhrDvW0"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2021-40147 (GCVE-0-2021-40147)
Vulnerability from cvelistv5 – Published: 2021-08-26 15:55 – Updated: 2024-08-04 02:27
VLAI?
Summary
EmTec ZOC before 8.02.2 allows \e[201~ pastes, a different vulnerability than CVE-2021-32198.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.emtec.com/downloads/zoc/zoc_changes.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EmTec ZOC before 8.02.2 allows \\e[201~ pastes, a different vulnerability than CVE-2021-32198."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-26T15:55:49",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.emtec.com/downloads/zoc/zoc_changes.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-40147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EmTec ZOC before 8.02.2 allows \\e[201~ pastes, a different vulnerability than CVE-2021-32198."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.emtec.com/downloads/zoc/zoc_changes.txt",
"refsource": "MISC",
"url": "http://www.emtec.com/downloads/zoc/zoc_changes.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-40147",
"datePublished": "2021-08-26T15:55:49",
"dateReserved": "2021-08-26T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32198 (GCVE-0-2021-32198)
Vulnerability from cvelistv5 – Published: 2021-06-06 11:41 – Updated: 2024-08-03 23:17
VLAI?
Summary
EmTec ZOC through 8.02.4 allows remote servers to cause a denial of service (Windows GUI hang) by telling the ZOC window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does not implement a usleep or similar delay upon processing a title change.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:17:29.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.emtec.com/downloads/zoc/zoc_changes.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://pastebin.com/0xhrDvW0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EmTec ZOC through 8.02.4 allows remote servers to cause a denial of service (Windows GUI hang) by telling the ZOC window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does not implement a usleep or similar delay upon processing a title change."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-26T15:55:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.emtec.com/downloads/zoc/zoc_changes.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://pastebin.com/0xhrDvW0"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-32198",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EmTec ZOC through 8.02.4 allows remote servers to cause a denial of service (Windows GUI hang) by telling the ZOC window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does not implement a usleep or similar delay upon processing a title change."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.emtec.com/downloads/zoc/zoc_changes.txt",
"refsource": "MISC",
"url": "http://www.emtec.com/downloads/zoc/zoc_changes.txt"
},
{
"name": "https://pastebin.com/0xhrDvW0",
"refsource": "MISC",
"url": "https://pastebin.com/0xhrDvW0"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-32198",
"datePublished": "2021-06-06T11:41:29",
"dateReserved": "2021-05-07T00:00:00",
"dateUpdated": "2024-08-03T23:17:29.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-40147 (GCVE-0-2021-40147)
Vulnerability from nvd – Published: 2021-08-26 15:55 – Updated: 2024-08-04 02:27
VLAI?
Summary
EmTec ZOC before 8.02.2 allows \e[201~ pastes, a different vulnerability than CVE-2021-32198.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.emtec.com/downloads/zoc/zoc_changes.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EmTec ZOC before 8.02.2 allows \\e[201~ pastes, a different vulnerability than CVE-2021-32198."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-26T15:55:49",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.emtec.com/downloads/zoc/zoc_changes.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-40147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EmTec ZOC before 8.02.2 allows \\e[201~ pastes, a different vulnerability than CVE-2021-32198."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.emtec.com/downloads/zoc/zoc_changes.txt",
"refsource": "MISC",
"url": "http://www.emtec.com/downloads/zoc/zoc_changes.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-40147",
"datePublished": "2021-08-26T15:55:49",
"dateReserved": "2021-08-26T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32198 (GCVE-0-2021-32198)
Vulnerability from nvd – Published: 2021-06-06 11:41 – Updated: 2024-08-03 23:17
VLAI?
Summary
EmTec ZOC through 8.02.4 allows remote servers to cause a denial of service (Windows GUI hang) by telling the ZOC window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does not implement a usleep or similar delay upon processing a title change.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:17:29.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.emtec.com/downloads/zoc/zoc_changes.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://pastebin.com/0xhrDvW0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EmTec ZOC through 8.02.4 allows remote servers to cause a denial of service (Windows GUI hang) by telling the ZOC window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does not implement a usleep or similar delay upon processing a title change."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-26T15:55:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.emtec.com/downloads/zoc/zoc_changes.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://pastebin.com/0xhrDvW0"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-32198",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EmTec ZOC through 8.02.4 allows remote servers to cause a denial of service (Windows GUI hang) by telling the ZOC window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. In other words, it does not implement a usleep or similar delay upon processing a title change."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.emtec.com/downloads/zoc/zoc_changes.txt",
"refsource": "MISC",
"url": "http://www.emtec.com/downloads/zoc/zoc_changes.txt"
},
{
"name": "https://pastebin.com/0xhrDvW0",
"refsource": "MISC",
"url": "https://pastebin.com/0xhrDvW0"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-32198",
"datePublished": "2021-06-06T11:41:29",
"dateReserved": "2021-05-07T00:00:00",
"dateUpdated": "2024-08-03T23:17:29.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}