Common Weakness Enumeration
CWE-843
AllowedAccess of Resource Using Incompatible Type ('Type Confusion')
Abstraction: Base · Status: Incomplete
The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.
1041 vulnerabilities reference this CWE, most recent first.
CVE-2020-1911 (GCVE-0-2020-1911)
Vulnerability from cvelistv5 – Published: 2020-09-04 02:35 – Updated: 2024-08-04 06:53
VLAI
EPSS
VEX
Summary
A type confusion vulnerability when resolving properties of JavaScript objects with specially-crafted prototype chains in Facebook Hermes prior to commit fe52854cdf6725c2eaa9e125995da76e6ceb27da allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.
Severity
No CVSS data available.
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.facebook.com/security/advisories/cve-… | x_refsource_CONFIRM |
| https://github.com/facebook/hermes/commit/fe52854… | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:59.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.facebook.com/security/advisories/cve-2020-1911"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/facebook/hermes/commit/fe52854cdf6725c2eaa9e125995da76e6ceb27da"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Hermes",
"vendor": "Facebook",
"versions": [
{
"status": "affected",
"version": "commit prior to fe52854cdf6725c2eaa9e125995da76e6ceb27da"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A type confusion vulnerability when resolving properties of JavaScript objects with specially-crafted prototype chains in Facebook Hermes prior to commit fe52854cdf6725c2eaa9e125995da76e6ceb27da allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-04T02:35:19.000Z",
"orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"shortName": "facebook"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.facebook.com/security/advisories/cve-2020-1911"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/facebook/hermes/commit/fe52854cdf6725c2eaa9e125995da76e6ceb27da"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@fb.com",
"DATA_ASSIGNED": "2020-09-03",
"ID": "CVE-2020-1911",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Hermes",
"version": {
"version_data": [
{
"version_value": "commit prior to fe52854cdf6725c2eaa9e125995da76e6ceb27da"
}
]
}
}
]
},
"vendor_name": "Facebook"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A type confusion vulnerability when resolving properties of JavaScript objects with specially-crafted prototype chains in Facebook Hermes prior to commit fe52854cdf6725c2eaa9e125995da76e6ceb27da allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.facebook.com/security/advisories/cve-2020-1911",
"refsource": "CONFIRM",
"url": "https://www.facebook.com/security/advisories/cve-2020-1911"
},
{
"name": "https://github.com/facebook/hermes/commit/fe52854cdf6725c2eaa9e125995da76e6ceb27da",
"refsource": "CONFIRM",
"url": "https://github.com/facebook/hermes/commit/fe52854cdf6725c2eaa9e125995da76e6ceb27da"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827",
"assignerShortName": "facebook",
"cveId": "CVE-2020-1911",
"datePublished": "2020-09-04T02:35:20.000Z",
"dateReserved": "2019-12-02T00:00:00.000Z",
"dateUpdated": "2024-08-04T06:53:59.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-17639 (GCVE-0-2019-17639)
Vulnerability from cvelistv5 – Published: 2020-07-15 21:19 – Updated: 2024-08-05 01:47
VLAI
EPSS
VEX
Summary
In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or destination array can, in certain specially crafted code patterns, cause the current method to return prematurely with an undefined return value. This allows whatever value happens to be in the return register at that time to be used as if it matches the method's declared return type.
Severity
No CVSS data available.
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://bugs.eclipse.org/bugs/show_bug.cgi?id=563998 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| The Eclipse Foundation | Eclipse OpenJ9 |
Affected:
<= 0.21
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:47:13.522Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=563998"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Eclipse OpenJ9",
"vendor": "The Eclipse Foundation",
"versions": [
{
"status": "affected",
"version": "\u003c= 0.21"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or destination array can, in certain specially crafted code patterns, cause the current method to return prematurely with an undefined return value. This allows whatever value happens to be in the return register at that time to be used as if it matches the method\u0027s declared return type."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-15T21:19:31.000Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=563998"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@eclipse.org",
"ID": "CVE-2019-17639",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Eclipse OpenJ9",
"version": {
"version_data": [
{
"version_value": "\u003c= 0.21"
}
]
}
}
]
},
"vendor_name": "The Eclipse Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or destination array can, in certain specially crafted code patterns, cause the current method to return prematurely with an undefined return value. This allows whatever value happens to be in the return register at that time to be used as if it matches the method\u0027s declared return type."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=563998",
"refsource": "CONFIRM",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=563998"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2019-17639",
"datePublished": "2020-07-15T21:19:31.000Z",
"dateReserved": "2019-10-16T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:47:13.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-15792 (GCVE-0-2019-15792)
Vulnerability from cvelistv5 – Published: 2020-04-23 23:55 – Updated: 2024-09-16 23:41
VLAI
EPSS
VEX
Title
Type confusion in shiftfs
Summary
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() calls fdget(oldfd), then without further checks passes the resulting file* into shiftfs_real_fdget(), which casts file->private_data, a void* that points to a filesystem-dependent type, to a "struct shiftfs_file_info *". As the private_data is not required to be a pointer, an attacker can use this to cause a denial of service or possibly execute arbitrary code.
Severity
7.1 (High)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://usn.ubuntu.com/usn/usn-4183-1 | x_refsource_MISC |
| https://usn.ubuntu.com/usn/usn-4184-1 | x_refsource_MISC |
| https://git.launchpad.net/~ubuntu-kernel/ubuntu/+… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ubuntu | Shiftfs in the Linux kernel |
Affected:
5.3.0-11.12 , < 5.3 kernel*
(custom)
Affected: 5.0 kernel , < 5.0.0-35.38 (custom) |
Date Public
2019-11-12 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:56:22.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://usn.ubuntu.com/usn/usn-4183-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://usn.ubuntu.com/usn/usn-4184-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/eoan/commit/?id=5df147c8140efc71ac0879ae3b0057f577226d4c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Shiftfs in the Linux kernel",
"vendor": "Ubuntu",
"versions": [
{
"changes": [
{
"at": "5.3.0-22.24",
"status": "unaffected"
}
],
"lessThan": "5.3 kernel*",
"status": "affected",
"version": "5.3.0-11.12",
"versionType": "custom"
},
{
"lessThan": "5.0.0-35.38",
"status": "affected",
"version": "5.0 kernel",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jann Horn of Google Project Zero"
}
],
"datePublic": "2019-11-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() calls fdget(oldfd), then without further checks passes the resulting file* into shiftfs_real_fdget(), which casts file-\u003eprivate_data, a void* that points to a filesystem-dependent type, to a \"struct shiftfs_file_info *\". As the private_data is not required to be a pointer, an attacker can use this to cause a denial of service or possibly execute arbitrary code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-23T23:55:24.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://usn.ubuntu.com/usn/usn-4183-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://usn.ubuntu.com/usn/usn-4184-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/eoan/commit/?id=5df147c8140efc71ac0879ae3b0057f577226d4c"
}
],
"source": {
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1850867"
],
"discovery": "EXTERNAL"
},
"title": "Type confusion in shiftfs",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2019-11-12 18:00:00 UTC",
"ID": "CVE-2019-15792",
"STATE": "PUBLIC",
"TITLE": "Type confusion in shiftfs"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Shiftfs in the Linux kernel",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_name": "5.3 kernel",
"version_value": "5.3.0-11.12"
},
{
"version_affected": "\u003c",
"version_name": "5.3 kernel",
"version_value": "5.3.0-22.24"
},
{
"version_affected": "\u003c",
"version_name": "5.0 kernel",
"version_value": "5.0.0-35.38"
}
]
}
}
]
},
"vendor_name": "Ubuntu"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Jann Horn of Google Project Zero"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() calls fdget(oldfd), then without further checks passes the resulting file* into shiftfs_real_fdget(), which casts file-\u003eprivate_data, a void* that points to a filesystem-dependent type, to a \"struct shiftfs_file_info *\". As the private_data is not required to be a pointer, an attacker can use this to cause a denial of service or possibly execute arbitrary code."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://usn.ubuntu.com/usn/usn-4183-1",
"refsource": "MISC",
"url": "https://usn.ubuntu.com/usn/usn-4183-1"
},
{
"name": "https://usn.ubuntu.com/usn/usn-4184-1",
"refsource": "MISC",
"url": "https://usn.ubuntu.com/usn/usn-4184-1"
},
{
"name": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/eoan/commit/?id=5df147c8140efc71ac0879ae3b0057f577226d4c",
"refsource": "MISC",
"url": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/eoan/commit/?id=5df147c8140efc71ac0879ae3b0057f577226d4c"
}
]
},
"source": {
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1850867"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2019-15792",
"datePublished": "2020-04-23T23:55:24.126Z",
"dateReserved": "2019-08-29T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:41:36.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13519 (GCVE-0-2019-13519)
Vulnerability from cvelistv5 – Published: 2020-01-27 22:56 – Updated: 2024-08-04 23:57
VLAI
EPSS
VEX
Summary
A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena Simulation Software to address the reported vulnerabilities.
Severity
No CVSS data available.
CWE
- CWE-843 - Access of resource using incompatible type ('Type confusion') CWE-843
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.us-cert.gov/ics/advisories/icsa-19-213-05 | x_refsource_MISC |
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Rockwell | Rockwell Automation Arena Simulation Software |
Affected:
Versions 16.00.00 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:57:39.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-213-05"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-802/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rockwell Automation Arena Simulation Software",
"vendor": "Rockwell",
"versions": [
{
"status": "affected",
"version": "Versions 16.00.00 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena Simulation Software to address the reported vulnerabilities."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "Access of resource using incompatible type (\u0027Type confusion\u0027) CWE-843",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-27T22:57:00.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-213-05"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-802/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-13519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rockwell Automation Arena Simulation Software",
"version": {
"version_data": [
{
"version_value": "Versions 16.00.00 and earlier"
}
]
}
}
]
},
"vendor_name": "Rockwell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena Simulation Software to address the reported vulnerabilities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access of resource using incompatible type (\u0027Type confusion\u0027) CWE-843"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-213-05",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-213-05"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-802/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-802/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-13519",
"datePublished": "2020-01-27T22:56:50.000Z",
"dateReserved": "2019-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:57:39.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13330 (GCVE-0-2019-13330)
Vulnerability from cvelistv5 – Published: 2019-10-03 21:33 – Updated: 2024-08-04 23:49
VLAI
EPSS
VEX
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPG files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8742.
Severity
7.8 (High)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.foxitsoftware.com/support/security-bu… | x_refsource_MISC |
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:24.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-853/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "9.5.0.20723"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Natnael Samson (@NattiSamson)"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPG files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8742."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-03T21:33:18.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-853/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2019-13330",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Reader",
"version": {
"version_data": [
{
"version_value": "9.5.0.20723"
}
]
}
}
]
},
"vendor_name": "Foxit"
}
]
}
},
"credit": "Natnael Samson (@NattiSamson)",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPG files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8742."
}
]
},
"impact": {
"cvss": {
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource": "MISC",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-853/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-853/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2019-13330",
"datePublished": "2019-10-03T21:33:18.000Z",
"dateReserved": "2019-07-05T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:49:24.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13329 (GCVE-0-2019-13329)
Vulnerability from cvelistv5 – Published: 2019-10-03 21:33 – Updated: 2024-08-04 23:49
VLAI
EPSS
VEX
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of TIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8695.
Severity
7.8 (High)
CWE
- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.foxitsoftware.com/support/security-bu… | x_refsource_MISC |
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:24.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-852/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "9.5"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Zak Rogness"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of TIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8695."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-03T21:33:18.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-852/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2019-13329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Reader",
"version": {
"version_data": [
{
"version_value": "9.5"
}
]
}
}
]
},
"vendor_name": "Foxit"
}
]
}
},
"credit": "Zak Rogness",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of TIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8695."
}
]
},
"impact": {
"cvss": {
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource": "MISC",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-852/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-852/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2019-13329",
"datePublished": "2019-10-03T21:33:18.000Z",
"dateReserved": "2019-07-05T00:00:00.000Z",
"dateUpdated": "2024-08-04T23:49:24.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10980 (GCVE-0-2019-10980)
Vulnerability from cvelistv5 – Published: 2019-08-05 18:39 – Updated: 2024-08-04 22:40
VLAI
EPSS
VEX
Summary
A type confusion vulnerability may be exploited when LAquis SCADA 4.3.1.71 processes a specially crafted project file. This may allow an attacker to execute remote code. The attacker must have local access to the system. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
Severity
No CVSS data available.
CWE
- CWE-843 - ACCESS OF RESOURCE USING INCOMPATIBLE TYPE ('TYPE CONFUSION') CWE-843
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.us-cert.gov/ics/advisories/icsa-19-213-06 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | LCDS LAquis SCADA |
Affected:
4.3.1.71
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:15.478Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-213-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LCDS LAquis SCADA",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "4.3.1.71"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A type confusion vulnerability may be exploited when LAquis SCADA 4.3.1.71 processes a specially crafted project file. This may allow an attacker to execute remote code. The attacker must have local access to the system. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "ACCESS OF RESOURCE USING INCOMPATIBLE TYPE (\u0027TYPE CONFUSION\u0027) CWE-843",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-05T18:39:38.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-213-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-10980",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LCDS LAquis SCADA",
"version": {
"version_data": [
{
"version_value": "4.3.1.71"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A type confusion vulnerability may be exploited when LAquis SCADA 4.3.1.71 processes a specially crafted project file. This may allow an attacker to execute remote code. The attacker must have local access to the system. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "ACCESS OF RESOURCE USING INCOMPATIBLE TYPE (\u0027TYPE CONFUSION\u0027) CWE-843"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-213-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-213-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-10980",
"datePublished": "2019-08-05T18:39:38.000Z",
"dateReserved": "2019-04-08T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:40:15.478Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6532 (GCVE-0-2019-6532)
Vulnerability from cvelistv5 – Published: 2019-06-07 13:58 – Updated: 2024-08-04 20:23
VLAI
EPSS
VEX
Summary
Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution.
Severity
No CVSS data available.
CWE
- CWE-843 - ACCESS OF RESOURCE USING INCOMPATIBLE TYPE ('TYPE CONFUSION') CWE-843
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02 | x_refsource_MISC |
| http://www.securityfocus.com/bid/108683 | vdb-entryx_refsource_BID |
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
Impacted products
Date Public
2019-06-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:21.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02"
},
{
"name": "108683",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108683"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-568/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-566/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-570/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FPWIN Pro",
"vendor": "Panasonic",
"versions": [
{
"status": "affected",
"version": "Version 7.3.0.0 and prior"
}
]
}
],
"datePublic": "2019-06-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "ACCESS OF RESOURCE USING INCOMPATIBLE TYPE (\u0027TYPE CONFUSION\u0027) CWE-843",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-13T17:06:07.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02"
},
{
"name": "108683",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108683"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-568/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-566/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-570/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-6532",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FPWIN Pro",
"version": {
"version_data": [
{
"version_value": "Version 7.3.0.0 and prior"
}
]
}
}
]
},
"vendor_name": "Panasonic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "ACCESS OF RESOURCE USING INCOMPATIBLE TYPE (\u0027TYPE CONFUSION\u0027) CWE-843"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-157-02"
},
{
"name": "108683",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108683"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-568/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-568/"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-566/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-566/"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-570/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-570/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-6532",
"datePublished": "2019-06-07T13:58:48.000Z",
"dateReserved": "2019-01-22T00:00:00.000Z",
"dateUpdated": "2024-08-04T20:23:21.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-19027 (GCVE-0-2018-19027)
Vulnerability from cvelistv5 – Published: 2019-01-30 16:00 – Updated: 2024-09-16 17:09
VLAI
EPSS
VEX
Summary
Three type confusion vulnerabilities exist in CX-One Versions 4.50 and prior and CX-Protocol Versions 2.0 and prior when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.
Severity
No CVSS data available.
CWE
- CWE-843 - ACCESS OF RESOURCE USING INCOMPATIBLE TYPE ('TYPE CONFUSION') CWE-843
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/106524 | vdb-entryx_refsource_BID |
| https://ics-cert.us-cert.gov/advisories/ICSA-19-010-02 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Omron | CX-Protocol within CX-One |
Affected:
CX-One Versions 4.50 and prior, including the following applications: CX-Protocol Versions 2.0 and prior
|
Date Public
2019-01-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:23:08.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106524",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106524"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-010-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CX-Protocol within CX-One",
"vendor": "Omron",
"versions": [
{
"status": "affected",
"version": "CX-One Versions 4.50 and prior, including the following applications: CX-Protocol Versions 2.0 and prior"
}
]
}
],
"datePublic": "2019-01-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Three type confusion vulnerabilities exist in CX-One Versions 4.50 and prior and CX-Protocol Versions 2.0 and prior when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "ACCESS OF RESOURCE USING INCOMPATIBLE TYPE (\u0027TYPE CONFUSION\u0027) CWE-843",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-31T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "106524",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106524"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-010-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2019-01-10T00:00:00",
"ID": "CVE-2018-19027",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CX-Protocol within CX-One",
"version": {
"version_data": [
{
"version_value": "CX-One Versions 4.50 and prior, including the following applications: CX-Protocol Versions 2.0 and prior"
}
]
}
}
]
},
"vendor_name": "Omron"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Three type confusion vulnerabilities exist in CX-One Versions 4.50 and prior and CX-Protocol Versions 2.0 and prior when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "ACCESS OF RESOURCE USING INCOMPATIBLE TYPE (\u0027TYPE CONFUSION\u0027) CWE-843"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106524"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-010-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-010-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-19027",
"datePublished": "2019-01-30T16:00:00.000Z",
"dateReserved": "2018-11-06T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:09:00.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-19019 (GCVE-0-2018-19019)
Vulnerability from cvelistv5 – Published: 2019-01-22 20:00 – Updated: 2024-09-17 01:16
VLAI
EPSS
VEX
Summary
A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.
Severity
No CVSS data available.
CWE
- CWE-843 - ACCESS OF RESOURCE USING INCOMPATIBLE TYPE ('TYPE CONFUSION') CWE-843
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/106654 | vdb-entryx_refsource_BID |
| https://ics-cert.us-cert.gov/advisories/ICSA-19-017-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ICS-CERT | CX-Supervisor |
Affected:
Versions 3.42 and prior
|
Date Public
2019-01-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:23:08.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106654",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106654"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-017-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CX-Supervisor",
"vendor": "ICS-CERT",
"versions": [
{
"status": "affected",
"version": "Versions 3.42 and prior"
}
]
}
],
"datePublic": "2019-01-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "ACCESS OF RESOURCE USING INCOMPATIBLE TYPE (\u0027TYPE CONFUSION\u0027) CWE-843",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-23T10:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "106654",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106654"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-017-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2019-01-17T00:00:00",
"ID": "CVE-2018-19019",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CX-Supervisor",
"version": {
"version_data": [
{
"version_value": "Versions 3.42 and prior"
}
]
}
}
]
},
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "ACCESS OF RESOURCE USING INCOMPATIBLE TYPE (\u0027TYPE CONFUSION\u0027) CWE-843"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106654",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106654"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-017-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-017-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-19019",
"datePublished": "2019-01-22T20:00:00.000Z",
"dateReserved": "2018-11-06T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:16:24.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.