Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22317 and CVE-2023-22314.
References
Link | Resource |
---|---|
https://jvn.jp/en/vu/JVNVU92877622/ | Third Party Advisory |
Configurations
History
08 Aug 2023, 14:23
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | CWE-416 | |
References | (MISC) https://jvn.jp/en/vu/JVNVU92877622/ - Third Party Advisory | |
CPE | cpe:2.3:a:omron:cx-programmer:*:*:*:*:*:*:*:* |
03 Aug 2023, 15:37
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-03 15:15
Updated : 2024-02-05 00:01
NVD link : CVE-2023-22277
Mitre link : CVE-2023-22277
CVE.ORG link : CVE-2023-22277
JSON object : View
Products Affected
omron
- cx-programmer
CWE
CWE-416
Use After Free