Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and previous versions, LabVIEW 2012 SP1 and previous versions, and other products allows remote malicious users to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ni teststand |
||
ni measurementstudio |
||
ni labview |
||
ni labwindows |