CVE-2015-2092

Agilent Technologies Feature Extraction - Remote Code Execution via AnnotationX.AnnList.1 ActiveX Insert Function

Title source: llm
STIX 2.1

Description

The AnnotationX.AnnList.1 ActiveX control in Agilent Technologies Feature Extraction allows remote attackers to execute arbitrary code via a crafted object parameter in the Insert function, related to "Index Out-Of-Bounds."

References (2)

Core 2
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-053/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/72840

Scores

EPSS 0.0279
EPSS Percentile 84.7%

Details

CWE
CWE-119
Status published
Products (1)
agilent_technologies/feature_extraction
Published Mar 09, 2015
Tracked Since Feb 18, 2026