Medium
CVE-2019-10996
Multiple vulnerabilities can be exploited when a valid user opens a specially crafted, malicious input file that can reference memory after it has been freed.
CVE-2019-10978
Multiple vulnerabilities can be exploited when a valid user opens a specially crafted, malicious input file that operates outside of the designated memory area.
CVE-2019-10984
Multiple vulnerabilities can be exploited when a valid user opens a specially crafted, malicious input file that causes the program to mishandle pointers.
CVE-2019-10990
Crimson uses a hard-coded password to encrypt protected files in transit and at rest, which may allow an attacker to access configuration files.
Red Lion Controls