CVE-2014-2367

Summary

The ChkCookie subroutine in an ActiveX control in broadweb/include/gChkCook.asp in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.

Affected Software

VendorProductVersion RangeStatus
AdvantechWebAccess0 <= 7.1affected
AdvantechWebAccess7.2unaffected

Weaknesses

  • CWE-592: CWE-592

ADP Enrichment

CVE Program Container

Additional References

References