CVE-2015-8561 Information

Description

The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted integer value to the (1) AttachToSS (2) CopyAll (3) CopyRange (4) CopyRangeEx or (5) SwapTable method a different vulnerability than CVE-2015-7918.

Reference

http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-329-01 http://www.zerodayinitiative.com/advisories/ZDI-15-626 http://www.zerodayinitiative.com/advisories/ZDI-15-627 http://www.zerodayinitiative.com/advisories/ZDI-15-628 http://www.zerodayinitiative.com/advisories/ZDI-15-629 https://ics-cert.us-cert.gov/advisories/ICSA-15-335-02