CVE-2011-4055

HIGH Year: 2011
CVSS v2 Score
9.3
Critical
Weakness Type
CWE-119
View all →

Vulnerability Description

Buffer overflow in the WebClient ActiveX control in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to execute arbitrary code via a long string in a parameter associated with the location URL.

Related Vulnerabilities

CVE-2015-0565

CRITICAL
CVSS:10.0(Critical)

NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.

CWE-1192015

CVE-2015-8459

CRITICAL
CVSS:10.0(Critical)

Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe A...

CWE-1192015

CVE-2015-8659

CRITICAL
CVSS:10.0(Critical)

The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.

CWE-1192015

CVE-2016-1931

CRITICAL
CVSS:10.0(Critical)

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exec...

CWE-1192016

CVE-2016-8352

CRITICAL
CVSS:10.0(Critical)

An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions, TCSEFEC23FCF21 all versions, and TCSEFEC2CF3F20...

CWE-1192016

CVE-2017-10920

CRITICAL
CVSS:10.0(Critical)

The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denia...

CWE-1192017