CVE-2015-8561

Currently unrated

Key Information:

Vendor: Schneider Electric
Status: Proclima
Vendor: CVE Published:; 15 December 2015

Summary

The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted integer value to the (1) AttachToSS, (2) CopyAll, (3) CopyRange, (4) CopyRangeEx, or (5) SwapTable method, a different vulnerability than CVE-2015-7918.

References

http://www.zerodayinitiative.com/advisories/ZDI-15-628

x_refsource_MISC

http://www.zerodayinitiative.com/advisories/ZDI-15-626

x_refsource_MISC

https://ics-cert.us-cert.gov/advisories/ICSA-15-335-02

x_refsource_MISC

EPSS Score

22% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 15, 2015