CVE-2017-9962

Schneider Electric's ClearSCADA versions released prior to August 2017 are susceptible to a memory allocation vulnerability, whereby malformed requests can be sent to ClearSCADA client applications to cause unexpected behavior. Client applications affected include ViewX and the Server Icon.

Publication date: Tue, 26 Sep 2017 06:29:00 +0000

Cyber News related to CVE-2017-9962

CVE-2016-11059 - Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before 2017-01-06, D500 before 2017-01-06, D1500 before 2017-01-06, D3600 before 2017-01-06, D6000 before 2017-01-06, D6100 before 2017-01-06, ...
4 years ago

CVE-2018-0688 - Open redirect vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, ...
5 years ago

CVE-2018-0689 - HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September ...
5 years ago

CVE-2020-14300 - The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug ...
2 years ago

CVE-2017-12091 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-14462, CVE-2017-14463, CVE-2017-14464, CVE-2017-14465, CVE-2017-14466, CVE-2017-14467, CVE-2017-14468, CVE-2017-14469, CVE-2017-14470, CVE-2017-14471, CVE-2017-14472, and ...
55 years ago Tenable.com

CVE-2017-11908 - ChakraCore and Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is ...
7 years ago

CVE-2017-11916 - ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique ...
7 years ago

CVE-2017-11913 - Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in ...
7 years ago

CVE-2017-11912 - ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows ...
7 years ago

CVE-2017-11910 - ChakraCore and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
7 years ago

CVE-2017-11914 - ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
5 years ago

CVE-2017-11907 - Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights ...
5 years ago

CVE-2017-11909 - ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory ...
5 years ago

CVE-2017-11911 - ChakraCore and Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory ...
5 years ago

CVE-2017-11918 - ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting ...
5 years ago

CVE-2017-0114 - Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure ...
7 years ago

CVE-2017-0092 - Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure ...
7 years ago

CVE-2017-0122 - Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure ...
7 years ago

CVE-2017-0116 - Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure ...
7 years ago

CVE-2017-0125 - Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure ...
7 years ago

CVE-2017-0119 - Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure ...
7 years ago

CVE-2017-0117 - Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure ...
7 years ago

CVE-2017-0127 - Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure ...
7 years ago

CVE-2017-0115 - Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure ...
7 years ago

CVE-2017-0091 - Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure ...
7 years ago

Latest Cyber News

BadPilot Attacking Network Devices To Expand Russian Seashell Blizzard's Attacks - 30 minutes ago
CrowdStrike Falcon Sensor for Linux TLS Vulnerability Enabling MiTM Attack - 2 hours ago
Massive IoT Data Breach Exposes 2.7 Billion Records, Including Wi-Fi Passwords - 3 hours ago
PAN-OS Vulnerability Let Attackers Bypass Web Interface Authentication - 4 hours ago
Chrome use-after-free Vulnerability Let Attackers Execute Code Remotely - 4 hours ago
Japan Goes on Offense With New 'Active Cyber Defense' Bill - 4 hours ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 7 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 7 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 7 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 8 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 9 hours ago
Feds Sanction Russian Hosting Provider Over LockBit Attacks - 11 hours ago
Sarcoma ransomware claims breach at giant PCB maker Unimicron - 11 hours ago
US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap | The Record from Recorded Future News - 11 hours ago
DPRK hackers dupe targets into typing PowerShell commands as admin - 12 hours ago
Ivanti fixes three critical flaws in Connect Secure & Policy Secure - 13 hours ago
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - 13 hours ago
BadPilot network hacking campaign fuels Russian SandWorm attacks - 13 hours ago
Microsoft: Russia's Sandworm APT Exploits Edge Bugs Globally - 13 hours ago
CVE-2025-1207 - 14 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

BadPilot Attacking Network Devices To Expand Russian Seashell Blizzard's Attacks - 30 minutes ago
CrowdStrike Falcon Sensor for Linux TLS Vulnerability Enabling MiTM Attack - 2 hours ago
Massive IoT Data Breach Exposes 2.7 Billion Records, Including Wi-Fi Passwords - 3 hours ago
PAN-OS Vulnerability Let Attackers Bypass Web Interface Authentication - 4 hours ago
Chrome use-after-free Vulnerability Let Attackers Execute Code Remotely - 4 hours ago
Japan Goes on Offense With New 'Active Cyber Defense' Bill - 4 hours ago
zkLend loses $9.5M in crypto heist, asks hacker to return 90% - 7 hours ago
Surge in attacks exploiting old ThinkPHP and ownCloud flaws - 7 hours ago
Trump to Nominate Ex-RNC Official as National Cyber Director - 7 hours ago
Cybercrime evolving into national security threat: Google | The Record from Recorded Future News - 8 hours ago
Ransomware attack disrupting Michigan's Sault Tribe operations | The Record from Recorded Future News - 9 hours ago
US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap | The Record from Recorded Future News - 11 hours ago
BadPilot network hacking campaign fuels Russian SandWorm attacks - 13 hours ago
Ivanti fixes three critical flaws in Connect Secure & Policy Secure - 13 hours ago
DPRK hackers dupe targets into typing PowerShell commands as admin - 12 hours ago
Sarcoma ransomware claims breach at giant PCB maker Unimicron - 11 hours ago
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - 13 hours ago
Microsoft: Russia's Sandworm APT Exploits Edge Bugs Globally - 13 hours ago
Feds Sanction Russian Hosting Provider Over LockBit Attacks - 11 hours ago
CVE-2023-40721 - 1 day ago