CVE-2013-0726
43Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 28%
from disclosure to weapon9 days
Published on NVDMay 5
1st PoC+9d
metasploitApr 23
exploitation probability
28%top 2% of all CVEs
observed exploitation
nono source reports it
1 public exploit(s)
Stack-based buffer overflow in the ERM_convert_to_correct_webpath function in ermapper_u.dll in ERDAS ER Viewer before 13.00.0001 allows remote attackers to execute arbitrary code via a crafted pathname in an ERS file.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/25448unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://secunia.com/advisories/51725