CVE

Id
53501  
CVE No.
CVE-2012-0258  
Status
Candidate  
Description
Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA Application Object Toolkit 3.2 and earlier, and InTouch 10.0 through 10.5 might allow remote attackers to execute arbitrary code via a long string to the AddFile member.  
Phase
Assigned (20111221)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
564711 53501 CVE-2012-0258 MISC:http://www.us-cert.gov/control_systems/pdf/ICSA-12-081-01.pdf  View
564712 53501 CVE-2012-0258 MISC:https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000071.pdf  View
564713 53501 CVE-2012-0258 OSVDB:80891  View
564714 53501 CVE-2012-0258 URL:http://osvdb.org/80891  View
564715 53501 CVE-2012-0258 SECUNIA:48675  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
30396 JVNDB-2012-006104 op5 Monitor および op5 Appliance の monitor/index.php における重要な情報を取得される脆弱性 op5 Monitor および op5 Appliance の monitor/index.php には、データベースやユーザの認証情報などの重要な情報を取得される脆弱性が存在します。 CVE-2012-0263 53501 4 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-006104.html  View