Vulnerabilites related to NI - DIAdem
CVE-2013-5023 (GCVE-0-2013-5023)
Vulnerability from cvelistv5
Published
2013-08-06 18:00
Modified
2024-08-06 16:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://digital.ni.com/public.nsf/allkb/E6BC4F119D49A97A86257BD3004FE019?OpenDocument | x_refsource_CONFIRM | |
| http://digital.ni.com/public.nsf/websearch/5C87A3AA7300868986257B3600501FE6?OpenDocument | x_refsource_CONFIRM | |
| http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:41.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://digital.ni.com/public.nsf/allkb/E6BC4F119D49A97A86257BD3004FE019?OpenDocument"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://digital.ni.com/public.nsf/websearch/5C87A3AA7300868986257B3600501FE6?OpenDocument"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-17T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://digital.ni.com/public.nsf/allkb/E6BC4F119D49A97A86257BD3004FE019?OpenDocument"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://digital.ni.com/public.nsf/websearch/5C87A3AA7300868986257B3600501FE6?OpenDocument"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://digital.ni.com/public.nsf/allkb/E6BC4F119D49A97A86257BD3004FE019?OpenDocument",
"refsource": "CONFIRM",
"url": "http://digital.ni.com/public.nsf/allkb/E6BC4F119D49A97A86257BD3004FE019?OpenDocument"
},
{
"name": "http://digital.ni.com/public.nsf/websearch/5C87A3AA7300868986257B3600501FE6?OpenDocument",
"refsource": "CONFIRM",
"url": "http://digital.ni.com/public.nsf/websearch/5C87A3AA7300868986257B3600501FE6?OpenDocument"
},
{
"name": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument",
"refsource": "CONFIRM",
"url": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5023",
"datePublished": "2013-08-06T18:00:00",
"dateReserved": "2013-07-31T00:00:00",
"dateUpdated": "2024-08-06T16:59:41.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5136 (GCVE-0-2023-5136)
Vulnerability from cvelistv5
Published
2023-11-08 15:24
Modified
2025-06-11 14:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Summary
An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | NI | TopoGrafix DataPlugin for GPX |
Version: 0 < 2023 Q4 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:07.459Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.ni.com/en/support/documentation/supplemental/23/incorrect-permission-assignment-in-the-topografix-dataplug-for-gpx.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5136",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T14:20:44.035737Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T14:34:24.037Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "TopoGrafix DataPlugin for GPX",
"vendor": "NI",
"versions": [
{
"lessThan": "2023 Q4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "DIAdem",
"vendor": "NI",
"versions": [
{
"lessThan": "2023 Q2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "VeriStand",
"vendor": "NI",
"versions": [
{
"lessThanOrEqual": "2023 Q4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "FlexLogger",
"vendor": "NI",
"versions": [
{
"lessThanOrEqual": "2023 Q4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file."
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T20:27:28.145Z",
"orgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"shortName": "NI"
},
"references": [
{
"url": "https://www.ni.com/en/support/documentation/supplemental/23/incorrect-permission-assignment-in-the-topografix-dataplug-for-gpx.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incorrect Permission Assignment in the TopoGrafix DataPlugin for GPX",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "bca5b2e8-03a4-4781-b4ca-c6a078c0bfd4",
"assignerShortName": "NI",
"cveId": "CVE-2023-5136",
"datePublished": "2023-11-08T15:24:10.867Z",
"dateReserved": "2023-09-22T19:29:47.084Z",
"dateUpdated": "2025-06-11T14:34:24.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201308-0295
Vulnerability from variot
The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files. Attackers may exploit this issue by enticing an unsuspecting victim to view a malicious webpage. The impact of this issue is currently unknown. We will update this BID as more information becomes available. The following products are affected: Diadem 2012 and prior LabVIEW 2012 and prior LabWindows/CVI 2012 and prior Measurement Studio 2013 and prior TestStand 2012 and prior
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201308-0295",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "labview",
"scope": "lte",
"trust": 1.0,
"vendor": "ni",
"version": "2012"
},
{
"model": "measurementstudio",
"scope": "lte",
"trust": 1.0,
"vendor": "ni",
"version": "2013"
},
{
"model": "teststand",
"scope": "lte",
"trust": 1.0,
"vendor": "ni",
"version": "2012"
},
{
"model": "diadem",
"scope": "lte",
"trust": 1.0,
"vendor": "ni",
"version": "2012"
},
{
"model": "labwindows",
"scope": "lte",
"trust": 1.0,
"vendor": "ni",
"version": "2012"
},
{
"model": "teststand",
"scope": "eq",
"trust": 0.9,
"vendor": "ni",
"version": "2012"
},
{
"model": "labview",
"scope": "eq",
"trust": 0.9,
"vendor": "ni",
"version": "2012"
},
{
"model": "diadem",
"scope": "eq",
"trust": 0.9,
"vendor": "ni",
"version": "2012"
},
{
"model": "labview",
"scope": null,
"trust": 0.8,
"vendor": "national instruments",
"version": null
},
{
"model": "labwindows/cvi",
"scope": null,
"trust": 0.8,
"vendor": "national instruments",
"version": null
},
{
"model": "measurementstudio",
"scope": "eq",
"trust": 0.6,
"vendor": "ni",
"version": "2013"
},
{
"model": "labwindows",
"scope": "eq",
"trust": 0.6,
"vendor": "ni",
"version": "2012"
},
{
"model": "measurement studio",
"scope": "eq",
"trust": 0.3,
"vendor": "ni",
"version": "2013"
},
{
"model": "labwindows/cvi",
"scope": "eq",
"trust": 0.3,
"vendor": "ni",
"version": "2012"
}
],
"sources": [
{
"db": "BID",
"id": "61833"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003661"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-068"
},
{
"db": "NVD",
"id": "CVE-2013-5023"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ni:labview",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ni:labwindows",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003661"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "National Instruments",
"sources": [
{
"db": "BID",
"id": "61833"
}
],
"trust": 0.3
},
"cve": "CVE-2013-5023",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2013-5023",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-5023",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-5023",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201308-068",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003661"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-068"
},
{
"db": "NVD",
"id": "CVE-2013-5023"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files. \nAttackers may exploit this issue by enticing an unsuspecting victim to view a malicious webpage. \nThe impact of this issue is currently unknown. We will update this BID as more information becomes available. \nThe following products are affected:\nDiadem 2012 and prior\nLabVIEW 2012 and prior\nLabWindows/CVI 2012 and prior\nMeasurement Studio 2013 and prior\nTestStand 2012 and prior",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5023"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003661"
},
{
"db": "BID",
"id": "61833"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-5023",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003661",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201308-068",
"trust": 0.6
},
{
"db": "BID",
"id": "61833",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "61833"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003661"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-068"
},
{
"db": "NVD",
"id": "CVE-2013-5023"
}
]
},
"id": "VAR-201308-0295",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.18333334
},
"last_update_date": "2024-11-23T23:12:49.177000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "How Does NI Security Update 67L8IQQW for NI Help Links Affect Me?",
"trust": 0.8,
"url": "http://digital.ni.com/public.nsf/websearch/5C87A3AA7300868986257B3600501FE6?OpenDocument"
},
{
"title": "How Do The NI Q2 2013 Security Updates Affect Me?",
"trust": 0.8,
"url": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"
},
{
"title": "NI Q2 2013\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c8\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://digital.ni.com/public.nsf/websearchj/A13EF8E8AE2CFAA886257B750076EC0B?OpenDocument"
},
{
"title": "NI\u30d8\u30eb\u30d7\u30ea\u30f3\u30af\u7528NI\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a2\u30c3\u30d7\u30c7\u30fc\u30c867L8IQQW\u306b\u3064\u3044\u3066",
"trust": 0.8,
"url": "http://digital.ni.com/public.nsf/websearchj/A48F6C57184FF71D86257B5F0069BE56?OpenDocument"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003661"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5023"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://digital.ni.com/public.nsf/websearch/507dec9da57a708186257b3600512623?opendocument"
},
{
"trust": 1.9,
"url": "http://digital.ni.com/public.nsf/websearch/5c87a3aa7300868986257b3600501fe6?opendocument"
},
{
"trust": 1.0,
"url": "http://digital.ni.com/public.nsf/allkb/e6bc4f119d49a97a86257bd3004fe019?opendocument"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5023"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5023"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.3,
"url": "http://www.ni.com/"
}
],
"sources": [
{
"db": "BID",
"id": "61833"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003661"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-068"
},
{
"db": "NVD",
"id": "CVE-2013-5023"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "61833"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003661"
},
{
"db": "CNNVD",
"id": "CNNVD-201308-068"
},
{
"db": "NVD",
"id": "CVE-2013-5023"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-08-19T00:00:00",
"db": "BID",
"id": "61833"
},
{
"date": "2013-08-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003661"
},
{
"date": "2013-08-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201308-068"
},
{
"date": "2013-08-06T20:55:05.453000",
"db": "NVD",
"id": "CVE-2013-5023"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-19T08:27:00",
"db": "BID",
"id": "61833"
},
{
"date": "2013-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003661"
},
{
"date": "2013-08-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201308-068"
},
{
"date": "2024-11-21T01:56:55.220000",
"db": "NVD",
"id": "CVE-2013-5023"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201308-068"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "National Instruments LabWindows/CVI and LabVIEW Of products such as NI Vulnerability in help links",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003661"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "61833"
}
],
"trust": 0.3
}
}
Vulnerability from fkie_nvd
Published
2023-11-08 16:15
Modified
2024-11-21 08:41
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ni:topografix_data_plugin:2023:-:*:*:*:gpx:*:*",
"matchCriteriaId": "15732407-23EA-4542-96A2-5C878FB8481F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ni:diadem:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2B3E07-5832-4ABE-B7F8-EDFFC91940E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2015:-:*:*:*:*:*:*",
"matchCriteriaId": "B3D7F82A-8406-4B50-A9BA-CCB34A974F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2015:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5CA88F99-AE0F-4B98-B86A-4B5289520DA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2017:-:*:*:*:*:*:*",
"matchCriteriaId": "7A59840A-5F72-4FB9-8B67-A91439E7DA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2017:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2DBC89AC-5BA4-432B-96D8-57A5E9B6A338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "C853AE58-D3C8-4627-A0D8-542382650932",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2018:sp1:*:*:*:*:*:*",
"matchCriteriaId": "87C3A752-E66D-4F4C-B6FB-F572EAF092B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2019:-:*:*:*:*:*:*",
"matchCriteriaId": "3F41FF00-1098-43B3-822A-8AC92B991F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2019:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3525F92B-30ED-4798-BF89-14D8EFCD7CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "7D3458A8-E460-4297-A69F-C4DDE1D232F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2020:sp1:*:*:*:*:*:*",
"matchCriteriaId": "49A24A9A-8601-49DA-8E7D-798D2E399273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2021:-:*:*:*:*:*:*",
"matchCriteriaId": "4101C29B-BB75-47B6-9D2D-BC5491969EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2021:sp1:*:*:*:*:*:*",
"matchCriteriaId": "10D8EBAC-D4CF-4841-AE65-5F8A1121788C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2022:q2:*:*:*:*:*:*",
"matchCriteriaId": "7C10702F-B2C2-46FF-88FF-2A314B502ED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2022:q4:*:*:*:*:*:*",
"matchCriteriaId": "8C05E9A6-7B7D-4928-A60E-24942D4D51F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:diadem:2023:q2:*:*:*:*:*:*",
"matchCriteriaId": "9044BC02-8801-4DBD-8529-49DB7F0D3452",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ni:veristand:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "F499514A-19DE-469D-9EF6-F7EC1E6810BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2014:*:*:*:*:*:*:*",
"matchCriteriaId": "D68D0C2C-C42D-4B8C-A3D6-93A136E5DD21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2015:-:*:*:*:*:*:*",
"matchCriteriaId": "29FA2254-FF6C-4FCA-8363-B36E4C38C6BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2015:sp1:*:*:*:*:*:*",
"matchCriteriaId": "18577799-88E6-44C1-9477-3261EA98ED4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "CA705301-337E-4162-8810-BF20B23CB9E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F1303A-A8D9-4E60-BB96-3B00AAAAD8A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "4FAF54A5-268E-4A76-9C31-F3E2FE465464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2018:sp1:*:*:*:*:*:*",
"matchCriteriaId": "E98B7755-005F-4036-AF81-002F113DBCD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2019:-:*:*:*:*:*:*",
"matchCriteriaId": "55743F60-FA68-494E-87B9-8E22787EEF4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2019:r2:*:*:*:*:*:*",
"matchCriteriaId": "2CA4257E-5E97-46D6-BE97-205F6FC18CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2019:r3:*:*:*:*:*:*",
"matchCriteriaId": "541008B0-5703-4937-9304-C09645454085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2019:r3f1:*:*:*:*:*:*",
"matchCriteriaId": "5970C421-B8B1-459F-85DB-E74A0B31EDCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "55ADD725-44EE-4F28-B9A3-923094352C4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "58D19502-B3F2-4D43-A4D2-CF6CD2E41E48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2020:r3:*:*:*:*:*:*",
"matchCriteriaId": "AAF6DE83-A202-4A90-8B05-735D686FDB8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2020:r4:*:*:*:*:*:*",
"matchCriteriaId": "C90473FA-81CB-4984-8B4C-2EE907ED9DC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2020:r5:*:*:*:*:*:*",
"matchCriteriaId": "B09E4798-97D8-41B7-9E3C-A5D45F8C8CB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2020:r6:*:*:*:*:*:*",
"matchCriteriaId": "03D1BFD1-E75E-4816-9D3B-380DACB50EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2021:-:*:*:*:*:*:*",
"matchCriteriaId": "C0BC96D8-AB88-47BF-B956-818BF9C8E91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2021:r2:*:*:*:*:*:*",
"matchCriteriaId": "CD0B65DD-E62E-4D7F-90C4-EE8EACE23F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2021:r3:*:*:*:*:*:*",
"matchCriteriaId": "006E30B2-90DC-475D-835B-030A5801332F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2023:q1:*:*:*:*:*:*",
"matchCriteriaId": "326C3FE1-6CE7-4FD4-9E8A-C14E1A0BE743",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2023:q2:*:*:*:*:*:*",
"matchCriteriaId": "406FE5DA-02BE-4981-8F0E-C77840C5CB5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2023:q3:*:*:*:*:*:*",
"matchCriteriaId": "2B89A08C-C66E-400A-A224-DF6ED111D565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:veristand:2023:q4:*:*:*:*:*:*",
"matchCriteriaId": "2A151AB1-BD09-4DF0-B7DD-4D8E1E7E026C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ni:flexlogger:2018:r1:*:*:*:*:*:*",
"matchCriteriaId": "9C2C31C3-9D4C-4FEE-8457-31E9F66CD043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2018:r2:*:*:*:*:*:*",
"matchCriteriaId": "F16894B6-5151-41DE-A1AC-7FB3C23DC05F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2018:r3:*:*:*:*:*:*",
"matchCriteriaId": "4BE623D6-DE16-40ED-82CF-3CCD975B5C92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2018:r4:*:*:*:*:*:*",
"matchCriteriaId": "0375EAF9-35F8-43AB-A26D-79B1C74E6055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2019:r1:*:*:*:*:*:*",
"matchCriteriaId": "1E8E8A79-BCBA-42D0-A4D5-4134327FDB07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2019:r2:*:*:*:*:*:*",
"matchCriteriaId": "91A2082B-47F5-4DFD-A9CE-115DB223B4A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2019:r3:*:*:*:*:*:*",
"matchCriteriaId": "758C8631-05F4-415B-861A-FF47896756BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2019:r4:*:*:*:*:*:*",
"matchCriteriaId": "CA0E5A70-2CE4-485F-97BC-CEF8FC2C6C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2020:r1:*:*:*:*:*:*",
"matchCriteriaId": "852AC7E1-DE18-4EAD-9079-7E3DF5EAD9A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2020:r2:*:*:*:*:*:*",
"matchCriteriaId": "055A3E53-09AC-4CD4-8724-21E3F591550E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2020:r3:*:*:*:*:*:*",
"matchCriteriaId": "BEE4C627-4298-469E-91BA-08C711F7EE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2020:r4:*:*:*:*:*:*",
"matchCriteriaId": "A7BB6592-DBC5-4D4C-96AD-CDE24E1F576A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2021:r1:*:*:*:*:*:*",
"matchCriteriaId": "008505B6-6295-46CE-A923-27958172F026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2021:r2:*:*:*:*:*:*",
"matchCriteriaId": "CE96AE31-D36F-446A-96A5-46C762818A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2021:r3:*:*:*:*:*:*",
"matchCriteriaId": "336F1E07-92EE-4BF5-AA14-981BFB67965C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2021:r4:*:*:*:*:*:*",
"matchCriteriaId": "7D3A4BF7-5BF0-4EE5-BF7C-8C514D6238B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2022:q2:*:*:*:*:*:*",
"matchCriteriaId": "0213180D-04BD-4979-88BE-B21F385469CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2022:q4:*:*:*:*:*:*",
"matchCriteriaId": "A336AAE6-FA87-4900-AECD-12997D064A64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2023:q1:*:*:*:*:*:*",
"matchCriteriaId": "CBFBD9F4-9FFF-44B2-8E95-2DEAC4476A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2023:q2:*:*:*:*:*:*",
"matchCriteriaId": "FA33AE39-F976-4C56-9A4B-8932BC6855C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2023:q3:*:*:*:*:*:*",
"matchCriteriaId": "21C2A279-F66F-49D3-A4A8-1D56FEF22B6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:flexlogger:2023:q4:*:*:*:*:*:*",
"matchCriteriaId": "08133BDF-895D-4D2A-8DAB-C02766DE86B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file."
},
{
"lang": "es",
"value": "Una asignaci\u00f3n de permiso incorrecta en TopoGrafix DataPlugin para GPX podr\u00eda resultar en la divulgaci\u00f3n de informaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad haciendo que un usuario abra un archivo de datos especialmente manipulado."
}
],
"id": "CVE-2023-5136",
"lastModified": "2024-11-21T08:41:08.100",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "security@ni.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-08T16:15:11.067",
"references": [
{
"source": "security@ni.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ni.com/en/support/documentation/supplemental/23/incorrect-permission-assignment-in-the-topografix-dataplug-for-gpx.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ni.com/en/support/documentation/supplemental/23/incorrect-permission-assignment-in-the-topografix-dataplug-for-gpx.html"
}
],
"sourceIdentifier": "security@ni.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "security@ni.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-08-06 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ni | diadem | * | |
| ni | labview | * | |
| ni | labwindows | * | |
| ni | measurementstudio | * | |
| ni | teststand | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ni:diadem:*:*:*:*:*:*:*:*",
"matchCriteriaId": "651A3465-0A7A-4EE2-B46E-D1E6972767A6",
"versionEndIncluding": "2012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:labview:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3815CFE4-4E5E-44BB-B206-520C39DE3674",
"versionEndIncluding": "2012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:labwindows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC46A398-C8F3-49B2-BDDE-20DEA80EC941",
"versionEndIncluding": "2012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:measurementstudio:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A12E5F42-B2FC-48F4-8D04-5B59A3869461",
"versionEndIncluding": "2013",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ni:teststand:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68051582-D70F-4B32-A9F9-64A5E33CB481",
"versionEndIncluding": "2012",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en un control ActiveX en el componente HelpAsst en NI Help Links in National Instruments LabWindows/CVI, LabVIEW, y otros productos, tiene un impacto desconocido y vectores de ataque remotos."
}
],
"id": "CVE-2013-5023",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-08-06T20:55:05.453",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://digital.ni.com/public.nsf/allkb/E6BC4F119D49A97A86257BD3004FE019?OpenDocument"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://digital.ni.com/public.nsf/websearch/5C87A3AA7300868986257B3600501FE6?OpenDocument"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://digital.ni.com/public.nsf/allkb/E6BC4F119D49A97A86257BD3004FE019?OpenDocument"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://digital.ni.com/public.nsf/websearch/507DEC9DA57A708186257B3600512623?OpenDocument"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://digital.ni.com/public.nsf/websearch/5C87A3AA7300868986257B3600501FE6?OpenDocument"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}