How severe is CVE-2019-12870?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2019-12870?

This is classified as CWE-824, which is a common weakness in software security.

CVE-2019-12870

HIGH Year: 2019

CVSS v3 Score

8.8

High

CVSS v2 Score

6.8

Medium

Weakness Type

CWE-824

View all →

Vulnerability Description

An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Worx Express through 1.86, and Config+ through 1.86. A manipulated PC Worx or Config+ project file could lead to an Uninitialized Pointer and remote code execution. The attacker needs to get access to an original PC Worx or Config+ project file to be able to manipulate it. After manipulation, the attacker needs to exchange the original file with the manipulated one on the application programming workstation.

CVE-2015-1770

HIGH

CVSS:8.8(High)

Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Uninitialized Memory Use Vulnerability."

CWE-8242015

CVE-2016-1005

HIGH

CVSS:8.8(High)

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Ado...

CWE-8242016

CVE-2016-4343

HIGH

CVSS:8.8(High)

The phar_make_dirstream function in ext/phar/dirstream.c in PHP before 5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files, which allows remote attackers to cause a denial of service ...

CWE-8242016

CVE-2017-16377

HIGH

CVSS:8.8(High)

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. Th...

CWE-8242017

CVE-2017-16378

HIGH

CVSS:8.8(High)

CWE-8242017

CVE-2018-3842

HIGH

CVSS:8.8(High)

An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an un...

CWE-8242018

CVE-2019-12870

Vulnerability Description

Related Vulnerabilities

CVE-2015-1770

CVE-2016-1005

CVE-2016-4343

CVE-2017-16377

CVE-2017-16378

CVE-2018-3842