VAR-201511-0047
Vulnerability from variot - Updated: 2023-12-18 12:37Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the TeeChart object in TeeChart5.ocx. The RemoveSeries method of the object takes a user-supplied integer as an index into an array of object pointers. The index is not checked for validity and this can cause arbitrary memory to be interpreted as an object. An attacker can leverage this vulnerability to execute arbitrary code under the context of the user. Unitronics VisiLogic OPLC IDE is Unitronics' suite of human machine interface (HMI) and PLC application programming environments for SAMBA series controllers. Unitronics VisiLogic is prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. The affected ActiveX control is identified by CLSID: 3D6F2DBA-F4E5-40A6-8725-E99BC96CC23A. Note: This issue was previously titled 'Unitronics VisiLogic ActiveX Control Security Bypass and Arbitrary Code Injection Vulnerabilities'. The title and technical details have been changed to better reflect the underlying component affected. Unitronics VisiLogic 9.8.0.00 and prior versions are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201511-0047",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "visilogic oplc ide",
"scope": null,
"trust": 3.5,
"vendor": "unitronics",
"version": null
},
{
"model": "visilogic oplc ide",
"scope": "lte",
"trust": 1.0,
"vendor": "unitronics",
"version": "9.8.0.0"
},
{
"model": "visilogic oplc ide",
"scope": "lt",
"trust": 0.8,
"vendor": "unitronics",
"version": "9.8.02"
},
{
"model": "visilogic oplc ide",
"scope": "lte",
"trust": 0.6,
"vendor": "unitronics",
"version": "\u003c=9.8.0.00"
},
{
"model": "visilogic oplc ide",
"scope": "eq",
"trust": 0.6,
"vendor": "unitronics",
"version": "9.8.0.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "visilogic oplc ide",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"db": "ZDI",
"id": "ZDI-15-580"
},
{
"db": "ZDI",
"id": "ZDI-15-573"
},
{
"db": "ZDI",
"id": "ZDI-15-579"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"db": "NVD",
"id": "CVE-2015-6478"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-244"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:unitronics:visilogic_oplc_ide:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.8.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6478"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Steven Seeley of Source Incite",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"db": "ZDI",
"id": "ZDI-15-573"
}
],
"trust": 2.1
},
"cve": "CVE-2015-6478",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-6478",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 4.3,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2015-07635",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "ZDI",
"id": "CVE-2015-6478",
"trust": 3.5,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6478",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2015-07635",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201511-244",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"db": "ZDI",
"id": "ZDI-15-580"
},
{
"db": "ZDI",
"id": "ZDI-15-573"
},
{
"db": "ZDI",
"id": "ZDI-15-579"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"db": "NVD",
"id": "CVE-2015-6478"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-244"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the TeeChart object in TeeChart5.ocx. The RemoveSeries method of the object takes a user-supplied integer as an index into an array of object pointers. The index is not checked for validity and this can cause arbitrary memory to be interpreted as an object. An attacker can leverage this vulnerability to execute arbitrary code under the context of the user. Unitronics VisiLogic OPLC IDE is Unitronics\u0027 suite of human machine interface (HMI) and PLC application programming environments for SAMBA series controllers. Unitronics VisiLogic is prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. \nThe affected ActiveX control is identified by CLSID: 3D6F2DBA-F4E5-40A6-8725-E99BC96CC23A. \nNote: This issue was previously titled \u0027Unitronics VisiLogic ActiveX Control Security Bypass and Arbitrary Code Injection Vulnerabilities\u0027. The title and technical details have been changed to better reflect the underlying component affected. \nUnitronics VisiLogic 9.8.0.00 and prior versions are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6478"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"db": "ZDI",
"id": "ZDI-15-580"
},
{
"db": "ZDI",
"id": "ZDI-15-573"
},
{
"db": "ZDI",
"id": "ZDI-15-579"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"db": "BID",
"id": "77571"
},
{
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d"
}
],
"trust": 5.76
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6478",
"trust": 7.0
},
{
"db": "ICS CERT",
"id": "ICSA-15-274-02",
"trust": 3.0
},
{
"db": "BID",
"id": "77571",
"trust": 1.9
},
{
"db": "ZDI",
"id": "ZDI-15-578",
"trust": 1.7
},
{
"db": "ZDI",
"id": "ZDI-15-577",
"trust": 1.7
},
{
"db": "ZDI",
"id": "ZDI-15-580",
"trust": 1.7
},
{
"db": "ZDI",
"id": "ZDI-15-573",
"trust": 1.7
},
{
"db": "ZDI",
"id": "ZDI-15-579",
"trust": 1.7
},
{
"db": "CNVD",
"id": "CNVD-2015-07635",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201511-244",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005912",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2910",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2911",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2918",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2904",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2919",
"trust": 0.7
},
{
"db": "IVD",
"id": "7C5E661C-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"db": "ZDI",
"id": "ZDI-15-580"
},
{
"db": "ZDI",
"id": "ZDI-15-573"
},
{
"db": "ZDI",
"id": "ZDI-15-579"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"db": "BID",
"id": "77571"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"db": "NVD",
"id": "CVE-2015-6478"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-244"
}
]
},
"id": "VAR-201511-0047",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
}
],
"trust": 1.3869565000000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
}
]
},
"last_update_date": "2023-12-18T12:37:55.613000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Unitronics has issued an update to correct this vulnerability.",
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-274-02"
},
{
"title": "Download - VisiLogic (Vision Series)",
"trust": 0.8,
"url": "http://www.unitronics.com/support/downloads"
},
{
"title": "Unitronics VisiLogic OPLC IDE patch for arbitrary code execution vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/66868"
},
{
"title": "Unitronics VisiLogic OPLC IDE Fixes for arbitrary code execution vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=58733"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"db": "ZDI",
"id": "ZDI-15-580"
},
{
"db": "ZDI",
"id": "ZDI-15-573"
},
{
"db": "ZDI",
"id": "ZDI-15-579"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-244"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"db": "NVD",
"id": "CVE-2015-6478"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 6.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-274-02"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/77571"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-573"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-577"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-578"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-579"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-580"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6478"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6478"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"db": "ZDI",
"id": "ZDI-15-580"
},
{
"db": "ZDI",
"id": "ZDI-15-573"
},
{
"db": "ZDI",
"id": "ZDI-15-579"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"db": "BID",
"id": "77571"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"db": "NVD",
"id": "CVE-2015-6478"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-244"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"db": "ZDI",
"id": "ZDI-15-580"
},
{
"db": "ZDI",
"id": "ZDI-15-573"
},
{
"db": "ZDI",
"id": "ZDI-15-579"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"db": "BID",
"id": "77571"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"db": "NVD",
"id": "CVE-2015-6478"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-244"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-18T00:00:00",
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-580"
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-573"
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-579"
},
{
"date": "2015-11-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"date": "2015-11-12T00:00:00",
"db": "BID",
"id": "77571"
},
{
"date": "2015-11-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"date": "2015-11-13T03:59:03.960000",
"db": "NVD",
"id": "CVE-2015-6478"
},
{
"date": "2015-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-244"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-580"
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-573"
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-579"
},
{
"date": "2015-11-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"date": "2015-12-08T22:23:00",
"db": "BID",
"id": "77571"
},
{
"date": "2015-11-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"date": "2016-12-07T18:20:29.930000",
"db": "NVD",
"id": "CVE-2015-6478"
},
{
"date": "2015-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-244"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-244"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unitronics VisiLogic OPLC IDE Arbitrary code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-244"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "77571"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…