CVE-2015-7918

Schneider Electric ProClima <6.2 - Buffer Overflow

Title source: llm
STIX 2.1

Description

Multiple buffer overflows in the F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allow remote attackers to execute arbitrary code via the (1) Attach, (2) DefinedName, (3) DefinedNameLocal, (4) ODBCPrepareEx, (5) ObjCreatePolygon, (6) SetTabbedTextEx, or (7) SetValidationRule method, a different vulnerability than CVE-2015-8561.

References (9)

Core 9
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-631
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-625
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-15-335-02
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-634
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-632
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-630
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-633
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-635

Scores

EPSS 0.1326
EPSS Percentile 94.2%

Details

CWE
CWE-119
Status published
Products (1)
schneider-electric/proclima < 6.1
Published Dec 15, 2015
Tracked Since Feb 18, 2026