[Forgot Password]
Login  Register Subscribe

23631

 
 

117918

 
 

98218

 
 

909

 
 

79224

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2012-3007

Date: (C)2012-07-04   (M)2015-12-16 


Stack-based buffer overflow in slssvc.exe before 58.x in Invensys Wonderware SuiteLink in the Invensys System Platform software suite, as used in InTouch/Wonderware Application Server IT before 10.5 and WAS before 3.5, DASABCIP before 4.1 SP2, DASSiDirect before 3.0, DAServer Runtime Components before 3.0 SP2, and other products, allows remote attackers to cause a denial of service (daemon crash or hang) via a long Unicode string.

CVSS Score: 5.0Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 2.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: PARTIAL





Reference:
SECUNIA-49173
BID-53563
http://www.us-cert.gov/control_systems/pdf/ICSA-12-171-01.pdf

CPE    11
cpe:/a:invensys:wonderware_application_server:3.1
cpe:/a:invensys:wonderware_application_server:3.0
cpe:/a:invensys:wonderware_application_server:3.1:sp1
cpe:/a:invensys:wonderware_application_server:3.1:sp2
...
CWE    1
CWE-119

© 2013 SecPod Technologies