CVE-2012-0258 - OpenCVE

Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA Application Object Toolkit 3.2 and earlier, and InTouch 10.0 through 10.5 might allow remote attackers to execute arbitrary code via a long string to the AddFile member.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Invensys	Intouch Infusion Scada Wonderware Application Server Archestra Application Object Toolkit Foxboro Control Software Infusion Control Edition Wonderware Information Server Infusion Foundation Edition

Configuration 1 [-]

OR	cpe:2.3:a:invensys:archestra_application_object_toolkit::::::::
	cpe:2.3:a:invensys:foxboro_control_software::::::::
	cpe:2.3:a:invensys:infusion_control_edition::::::::
	cpe:2.3:a:invensys:infusion_foundation_edition::::::::
	cpe:2.3:a:invensys:infusion_scada::::::::
	cpe:2.3:a:invensys:intouch:10.0:::::::*
	cpe:2.3:a:invensys:intouch:10.5:::::::*
	cpe:2.3:a:invensys:wonderware_application_server::::::::
	cpe:2.3:a:invensys:wonderware_information_server::::::::
	cpe:2.3:a:invensys:wonderware_information_server:3.1:::::::*
	cpe:2.3:a:invensys:wonderware_information_server:4.0:::::::*
	cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1::::::

References

Link	Resource
http://osvdb.org/80891
http://secunia.com/advisories/48675
http://www.us-cert.gov/control_systems/pdf/ICSA-12-081-01.pdf	US Government Resource
https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000071.pdf

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: certcc

Published: 2012-04-02T20:00:00

Updated: 2012-11-20T10:00:00

Reserved: 2011-12-21T00:00:00

Link: CVE-2012-0258

JSON object: View

NVD Information

Status : Modified

Published: 2012-04-02T20:55:02.230

Modified: 2013-03-26T03:32:04.703

Link: CVE-2012-0258

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-03-30T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA Application Object Toolkit 3.2 and earlier, and InTouch 10.0 through 10.5 might allow remote attackers to execute arbitrary code via a long string to the AddFile member."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-11-20T10:00:00", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000071.pdf"}, {"name": "80891", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/80891"}, {"name": "48675", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48675"}, {"tags": ["x_refsource_MISC"], "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-081-01.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2012-0258", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA Application Object Toolkit 3.2 and earlier, and InTouch 10.0 through 10.5 might allow remote attackers to execute arbitrary code via a long string to the AddFile member."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000071.pdf", "refsource": "MISC", "url": "https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000071.pdf"}, {"name": "80891", "refsource": "OSVDB", "url": "http://osvdb.org/80891"}, {"name": "48675", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/48675"}, {"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-081-01.pdf", "refsource": "MISC", "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-081-01.pdf"}]}}}}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2012-0258", "datePublished": "2012-04-02T20:00:00", "dateReserved": "2011-12-21T00:00:00", "dateUpdated": "2012-11-20T10:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:invensys:archestra_application_object_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "DCC6A67B-2844-4839-8CA2-C612C5B1EACB", "versionEndIncluding": "3.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:invensys:foxboro_control_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7F29DDE-04A2-462F-BA35-C1B27B9E96DF", "versionEndIncluding": "3.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:invensys:infusion_control_edition:*:*:*:*:*:*:*:*", "matchCriteriaId": "3FBBD076-515A-470F-9C29-A902C2042A24", "versionEndIncluding": "2.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:invensys:infusion_foundation_edition:*:*:*:*:*:*:*:*", "matchCriteriaId": "4D10B2C8-CC92-491E-91F6-EAD96E878BE3", "versionEndIncluding": "2.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:invensys:infusion_scada:*:*:*:*:*:*:*:*", "matchCriteriaId": "EAACC06C-4E8C-4E66-B007-E6BC9DAFEEAF", "versionEndIncluding": "2.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:invensys:intouch:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "3BDF7AED-4176-4EB8-8557-582BA29B63D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:invensys:intouch:10.5:*:*:*:*:*:*:*", "matchCriteriaId": "EF608404-2B0D-4FD1-9768-E984AE5F23D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:invensys:wonderware_application_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "550932A9-9B6A-439A-A5A4-CAFB24DB28C8", "versionEndIncluding": "2012", "vulnerable": true}, {"criteria": "cpe:2.3:a:invensys:wonderware_information_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "C4265378-CF22-42AC-B63C-73F96507E680", "versionEndIncluding": "4.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:invensys:wonderware_information_server:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "262CBEB8-A6EA-48DE-B5A5-460660F33442", "vulnerable": true}, {"criteria": "cpe:2.3:a:invensys:wonderware_information_server:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC154F44-2618-4AD5-B252-98E521F98CEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:invensys:wonderware_information_server:4.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "325DE4D6-7649-4566-BC6E-1F8DC16FF1A9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA Application Object Toolkit 3.2 and earlier, and InTouch 10.0 through 10.5 might allow remote attackers to execute arbitrary code via a long string to the AddFile member."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en el componente ActiveX WWCabFile en Wonderware System Platform en Invensys Wonderware Application Server 2012 y anteriores, Foxboro Control Software v3.1 y anteriores, InFusion CE/FE/SCADA v2.5 y anteriores, Wonderware Information Server v4.5 y anteriores, ArchestrA Application Object Toolkit v3.2 y anteriores, y InTouch v10.0 hasta v10.5 ,permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena larga sobre el miembro Addfile."}], "id": "CVE-2012-0258", "lastModified": "2013-03-26T03:32:04.703", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2012-04-02T20:55:02.230", "references": [{"source": "cret@cert.org", "url": "http://osvdb.org/80891"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/48675"}, {"source": "cret@cert.org", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-081-01.pdf"}, {"source": "cret@cert.org", "url": "https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000071.pdf"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}