CVE-2012-0258

02.04.2012, 20:55

Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA Application Object Toolkit 3.2 and earlier, and InTouch 10.0 through 10.5 might allow remote attackers to execute arbitrary code via a long string to the AddFile member.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	6.8 UNKNOWN	NETWORK	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P
certcc	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 86%

Vendor	Product	Version
invensys	archestra_application_object_toolkit	𝑥 ≤ 3.2
invensys	foxboro_control_software	𝑥 ≤ 3.1
invensys	infusion_control_edition	𝑥 ≤ 2.5
invensys	infusion_foundation_edition	𝑥 ≤ 2.5
invensys	infusion_scada	𝑥 ≤ 2.5
invensys	intouch	10.0
invensys	intouch	10.5
invensys	wonderware_application_server	𝑥 ≤ 2012
invensys	wonderware_information_server	𝑥 ≤ 4.5
invensys	wonderware_information_server	3.1
invensys	wonderware_information_server	4.0
invensys	wonderware_information_server	4.0:sp1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://osvdb.org/80891

http://secunia.com/advisories/48675

http://www.us-cert.gov/control_systems/pdf/ICSA-12-081-01.pdf

https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000071.pdf

http://osvdb.org/80891

http://secunia.com/advisories/48675

http://www.us-cert.gov/control_systems/pdf/ICSA-12-081-01.pdf

https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000071.pdf