VYPR

Wonderware Hmi Reports

by Invensys

CVEs (2)

  • CVE-2011-4039Feb 10, 2012
    risk 0.00cvss epss 0.04

    Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows user-assisted remote attackers to execute arbitrary code via a malformed file that triggers a "write access violation."

  • CVE-2011-4038Feb 10, 2012
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.