Lucene search

[email protected]CVE-2013-0728

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2013-0728

2022-10-0316:15:04

CWE-119

[email protected]

web.nvd.nist.gov

cve-2013-0728

ncsaddon.dll

erdas apollo

buffer overflow

remote code execution

internet explorer

firefox

chrome

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.1%

JSON

Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin before 13.00.0001 for Internet Explorer, Firefox, and Chrome allow remote attackers to execute arbitrary code via a long property value.

Affected configurations

NVD

Node

hexagonerdas_apollo_ecwpMatch13.00.0000-chrome

hexagonerdas_apollo_ecwpMatch13.00.0000-firefox

hexagonerdas_apollo_ecwpMatch13.00.0000-internet_explorer

CPENameOperatorVersion
hexagon:erdas_apollo_ecwphexagon erdas apollo ecwpeq13.00.0000

CPE	Name	Operator	Version
hexagon:erdas_apollo_ecwp	hexagon erdas apollo ecwp	eq	13.00.0000

References

secunia.com/advisories/51647

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.1%

JSON

Related for CVE-2013-0728

nvd1 cvelist1 prion1