Vulnerability Details CVE-2015-6478
Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.026
EPSS Ranking 85.0%
CVSS Severity
CVSS v2 Score 6.8
References
- http://www.securityfocus.com/bid/77571
- http://www.zerodayinitiative.com/advisories/ZDI-15-573
- http://www.zerodayinitiative.com/advisories/ZDI-15-577
- http://www.zerodayinitiative.com/advisories/ZDI-15-578
- http://www.zerodayinitiative.com/advisories/ZDI-15-579
- http://www.zerodayinitiative.com/advisories/ZDI-15-580
- https://ics-cert.us-cert.gov/advisories/ICSA-15-274-02
- http://www.securityfocus.com/bid/77571
- http://www.zerodayinitiative.com/advisories/ZDI-15-573
- http://www.zerodayinitiative.com/advisories/ZDI-15-577
- http://www.zerodayinitiative.com/advisories/ZDI-15-578
- http://www.zerodayinitiative.com/advisories/ZDI-15-579
- http://www.zerodayinitiative.com/advisories/ZDI-15-580
- https://ics-cert.us-cert.gov/advisories/ICSA-15-274-02
Products affected by CVE-2015-6478
-
cpe:2.3:a:unitronics:visilogic_oplc_ide:9.8.0.00