CVE-2013-5022: Path Traversal
First published: Tue Aug 06 2013(Updated: )
Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NI LabVIEW | <=2012 | |
| Ni Labwindows | <=2012 | |
| Ni Measurementstudio | <=2013 | |
| Ni Teststand | <=2012 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ni
- canonical/ni labview
- version/ni labview/2012
- canonical/ni labwindows
- version/ni labwindows/2012
- canonical/ni measurementstudio
- version/ni measurementstudio/2013
- canonical/ni teststand
- version/ni teststand/2012