CVE-2014-8269

Honeywell OPOS Suite < 1.13.4.14 - Remote Code Execution via Crafted File in Open Method

Title source: llm
STIX 2.1

Description

Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) HWOPOSSCANNER.ocx in Honeywell OPOS Suite before 1.13.4.15 allow remote attackers to execute arbitrary code via a crafted file that is improperly handled by the Open method.

References (3)

Core 3
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-14-423/
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/659684
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-14-424/

Scores

EPSS 0.0475
EPSS Percentile 90.8%

Details

CWE
CWE-119
Status published
Products (1)
honeywell/opos_suite < 1.13.4.14
Published Dec 13, 2014
Tracked Since Feb 18, 2026