An out of bounds write past the end of an allocated buffer could also be triggered while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18189) A vulnerability has been identified in DCM V7.0.0 (All versions V7.0.0). DCM contains a NULL Pointer Dereference Vulnerability in the DCM Authentication Manager which could allow an attacker to execute code in the context of the DCM Authentication Manager. (ZDI-CAN-17157) An unspecified vulnerability has been identified in Aquantis V15.0 (All versions V15.0.9). An attacker could exploit this vulnerability by sending a malicious print job to be processed by Aquantis. (ZDI-CAN-17185) An unspecified vulnerability has been identified in SAP BPC V19.0 (All versions V19.0.4). An attacker could exploit this vulnerability by sending a malicious print job to be processed by SAP BPC. (ZDI-CAN-17187) An unspecified vulnerability has been identified in BEA WebLogic/9.0 (All versions V9.0.1). An attacker could exploit this vulnerability by sending a malicious print job to be processed by BEA WebLogic/9.0. (ZDI-CAN-17188) An unspecified vulnerability has been identified in OpenCC V4.
Vulnerability details
Multiple vulnerabilities have been identified in software developed by the vendors listed on this page. All vulnerabilities are tracked under ZDI, and their severity is determined based on CVSS scores.
Coverage
A vulnerability has been identified in DCM V7.0.0 (All versions V7.0.0). DCM contains a NULL Pointer Dereference Vulnerability in the DCM Authentication Manager which could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18189) A vulnerability has been identified in Aquantis V15.0 (All versions V15.0.9). An attacker could exploit this vulnerability by sending a malicious print job to be processed by Aquantis. (ZDI-CAN-17185) A vulnerability has been identified in SAP BPC V19.0 (All versions V19.0.4). An attacker could exploit this vulnerability by sending a malicious print job to be processed by SAP BPC. (ZDI-CAN-17187) A vulnerability has been identified in BEA WebLogic/9.0 (All versions V9.0.1). An attacker could exploit this vulnerability by sending a malicious print job to be processed by BEA WebLogic/9.0. (ZDI-CAN-17188) A vulnerability has been identified in OpenCC V4
Vulnerability overview
An out of bounds write past the end of an allocated buffer could also be triggered while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18189) A vulnerability has been identified in DCM V7.0.0 (All versions V7.0.0). DCM contains a NULL Pointer Dereference Vulnerability in the DCM Authentication Manager which could allow an attacker to execute code in the context of the DCM Authentication Manager. (ZDI-CAN-17157)
An unspecified vulnerability has been identified in Aquantis V15.0 (All versions V15.0.9). An attacker could exploit this vulnerability by sending a malicious print job to be processed by Aquantis. (ZDI-CAN-17185) An unspecified vulnerability has been identified in SAP BPC V19.0 (All versions V19.0.4). An attacker could exploit this vulnerability by sending a malicious print job to be processed by SAP BPC. (ZDI-CAN-17187) An unspecified vulnerability has been identified in BEA WebLogic/9.0 (All versions V9.0.1). An attacker could exploit this vulnerability by sending a malicious print job to be processed by BEA WebLogic/9.0. (ZDI-CAN-17188)
Vulnerability Discovered in OpenCC V4
A vulnerability has been identified in OpenCC V4. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17188)
Timeline
Published on: 09/13/2022 10:15:00 UTC
Last modified on: 09/13/2022 15:12:00 UTC