RSS   Vulnerabilities for 'Wonderware hmi reports'   RSS

2012-02-10
 
CVE-2011-4039

CWE-264
 

 
Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows user-assisted remote attackers to execute arbitrary code via a malformed file that triggers a "write access violation."

 
 
CVE-2011-4038

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

 

 >>> Vendor: Invensys 20 Products
Wonderware application server
Wonderware archestra configuration access component activex control
Foxboro i/a series batch
Wonderware inbatch
Wonderware information server
Wonderware hmi reports
Archestra application object toolkit
Foxboro control software
Infusion control edition
Infusion foundation edition
Infusion scada
Intouch
Dasabcip
Daserver runtime components
Dassidirect
Intouch/wonderware application server
Infusion ce/fe/scada
Wonderware historian
Wonderware intouch
Wonderware win-xml exporter


Copyright 2022, cxsecurity.com

 

Back to Top