Vulnerability CVE-2012-0245


Published: 2012-03-09

Description:
Multiple stack-based buffer overflows in RobNetScanHost.exe in ABB Robot Communications Runtime before 5.14.02, as used in ABB Interlink Module, IRC5 OPC Server, PC SDK, PickMaster 3 and 5, RobView 5, RobotStudio, WebWare SDK, and WebWare Server, allow remote attackers to execute arbitrary code via a crafted (1) 0xA or (2) 0xE Netscan packet.

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
ABB -> Interlink module 
ABB -> Irc5 opc server 
ABB -> Pc sdk 
ABB -> Pickmaster 3 
ABB -> Pickmaster 5 
ABB -> Robot communications runtime 
ABB -> Robotstudio 
ABB -> Robview 5 
ABB -> Webware sdk 
ABB -> Webware server 

 References:
http://www.us-cert.gov/control_systems/pdf/ICSA-12-059-01.pdf
http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/f261be074480dc24c12579a00049ecd5/$file/si10227a1%20vulnerability%20security%20advisory.pdf
http://www.zerodayinitiative.com/advisories/ZDI-12-033/
http://secunia.com/advisories/48090

Copyright 2024, cxsecurity.com

 

Back to Top