CVE

Id
53500  
CVE No.
CVE-2012-0257  
Status
Candidate  
Description
Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA Application Object Toolkit 3.2 and earlier, and InTouch 10.0 through 10.5 might allow remote attackers to execute arbitrary code via a long string to the Open member, leading to a function-pointer overwrite.  
Phase
Assigned (20111221)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
564706 53500 CVE-2012-0257 MISC:http://www.us-cert.gov/control_systems/pdf/ICSA-12-081-01.pdf  View
564707 53500 CVE-2012-0257 MISC:https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000071.pdf  View
564708 53500 CVE-2012-0257 OSVDB:80891  View
564709 53500 CVE-2012-0257 URL:http://osvdb.org/80891  View
564710 53500 CVE-2012-0257 SECUNIA:48675  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
30395 JVNDB-2012-006103 op5 Monitor および op5 Appliance の system-op5config の op5config/welcome における任意のコマンドを実行される脆弱性 op5 Monitor および op5 Appliance の system-op5config の op5config/welcome には、任意のコマンドを実行される脆弱性が存在します。 CVE-2012-0262 53500 10 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-006103.html  View