SecuritySpace - CVE-2014-0773

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2014-0773

Description: The CreateProcess method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to execute (1) setup.exe, (2) bwvbprt.exe, and (3) bwvbprtl.exe programs from arbitrary pathnames via a crafted argument, as demonstrated by a UNC share pathname.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2014-0773
http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03

CVE ID:	CVE-2014-0773
Description:	The CreateProcess method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in Advantech WebAccess before 7.2 allows remote attackers to execute (1) setup.exe, (2) bwvbprt.exe, and (3) bwvbprtl.exe programs from arbitrary pathnames via a crafted argument, as demonstrated by a UNC share pathname.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0773 http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03