CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-10636

CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has multiple stack-based buffer overflow vulnerabilities that could cause the software to crash due to lacking user input validation before copying data from project files onto the stack. Which may allow an attacker to gain remote code execution with administrator privileges if exploited.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.046

EPSS Ranking 88.7%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.3

References

http://www.securityfocus.com/bid/105032
https://ics-cert.us-cert.gov/advisories/ICSA-18-219-01
http://www.securityfocus.com/bid/105032
https://ics-cert.us-cert.gov/advisories/ICSA-18-219-01

Products affected by CVE-2018-10636

Deltaww » Cncsoft » Version: 1.00.83

cpe:2.3:a:deltaww:cncsoft:1.00.83
Deltaww » Screeneditor » Version: 1.00.54

cpe:2.3:a:deltaww:screeneditor:1.00.54

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-10636

Products

Pricing

Contact Us