Vulnerabilities for Infusion foundation edition (...) - CXSECURITY.COM

Vulnerabilities for 'Infusion foundation edition'

2012-04-02

CVE-2012-0258

CWE-119

Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA Application Object Toolkit 3.2 and earlier, and InTouch 10.0 through 10.5 might allow remote attackers to execute arbitrary code via a long string to the AddFile member.

CVE-2012-0257

CWE-119

Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA Application Object Toolkit 3.2 and earlier, and InTouch 10.0 through 10.5 might allow remote attackers to execute arbitrary code via a long string to the Open member, leading to a function-pointer overwrite.

>>> Vendor: Invensys 20 Products

Wonderware application server

Wonderware archestra configuration access component activex control

Foxboro i/a series batch

Wonderware inbatch

Wonderware information server

Wonderware hmi reports

Archestra application object toolkit

Foxboro control software

Infusion control edition

Infusion foundation edition

Daserver runtime components

Intouch/wonderware application server

Infusion ce/fe/scada

Wonderware historian

Wonderware intouch

Wonderware win-xml exporter

Copyright 2024, cxsecurity.com