Skip to main content

Incorrect Type Conversion or Cast

CVE-2018-19019

Severity High
Score 7.3/10

Summary

A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

  • LOW
  • LOCAL
  • HIGH
  • UNCHANGED
  • REQUIRED
  • LOW
  • HIGH
  • HIGH

CWE-704 - Incorrect Type Conversion or Cast

The software does not correctly convert an object, resource, or structure from one type to a different type.

References

Advisory Timeline

  • Published