Search criteria
4 vulnerabilities found for quickteach by abb
VAR-201204-0126
Vulnerability from variot - Updated: 2023-12-18 13:57Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, WebWare SDK, Interlink Module, S4 OPC Server, QuickTeach, RobotStudio S4, and RobotStudio Lite allow remote attackers to execute arbitrary code via crafted input data. ABB is a leader in power and automation technology among the world's top 500 companies. ABB's multiple products include COM and ActiveX controls that do not adequately check user input data, and an attacker builds a malicious WEB page, convincing the user to parse, spilling the stack pointer or causing control to stop. Multiple ABB products are prone to a remote buffer-overflow vulnerability because they fail to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code within the context of the application using the vulnerable control (typically Internet Explorer). ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: ABB Multiple Products ActiveX Control Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA48693
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48693/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48693
RELEASE DATE: 2012-04-05
DISCUSS ADVISORY: http://secunia.com/advisories/48693/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/48693/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48693
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in various ABB products, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in an unspecified ActiveX control and can be exploited to cause a stack-based buffer overflow.
Successful exploitation may allow execution of arbitrary code. Instead, set the kill-bit for the affected ActiveX control (contact the vendor for more information).
PROVIDED AND/OR DISCOVERED BY: Terry McCorkle and Billy Rios
ORIGINAL ADVISORY: ABB-VU-DMRO-41532: http://www.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/$file/SI10231A2%20rev%200.pdf
ICSA-12-095-01: http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01.pdf
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201204-0126",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "interlink module",
"scope": "eq",
"trust": 1.6,
"vendor": "abb",
"version": null
},
{
"model": "quickteach",
"scope": "eq",
"trust": 1.6,
"vendor": "abb",
"version": null
},
{
"model": "robotstudio s4",
"scope": "eq",
"trust": 1.6,
"vendor": "abb",
"version": null
},
{
"model": "robotstudio lite",
"scope": "eq",
"trust": 1.6,
"vendor": "abb",
"version": null
},
{
"model": "webware sdk",
"scope": "eq",
"trust": 1.6,
"vendor": "abb",
"version": null
},
{
"model": "webware server",
"scope": "eq",
"trust": 1.6,
"vendor": "abb",
"version": null
},
{
"model": "s4 opc server",
"scope": "eq",
"trust": 1.6,
"vendor": "abb",
"version": null
},
{
"model": "s4 opc server",
"scope": null,
"trust": 1.4,
"vendor": "abb",
"version": null
},
{
"model": "quickteach",
"scope": null,
"trust": 1.4,
"vendor": "abb",
"version": null
},
{
"model": "webware server",
"scope": "eq",
"trust": 0.9,
"vendor": "abb",
"version": "4.0"
},
{
"model": "webware server",
"scope": "eq",
"trust": 0.9,
"vendor": "abb",
"version": "4.6"
},
{
"model": "webware server",
"scope": "eq",
"trust": 0.9,
"vendor": "abb",
"version": "4.91"
},
{
"model": "webware sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "abb",
"version": "4.6"
},
{
"model": "webware sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "abb",
"version": "4.9"
},
{
"model": "robotstudio s4",
"scope": "eq",
"trust": 0.9,
"vendor": "abb",
"version": "0"
},
{
"model": "robotstudio lite",
"scope": "eq",
"trust": 0.9,
"vendor": "abb",
"version": "0"
},
{
"model": "robotstudio",
"scope": "eq",
"trust": 0.9,
"vendor": "abb",
"version": "5.14.01"
},
{
"model": "robotstudio",
"scope": "eq",
"trust": 0.9,
"vendor": "abb",
"version": "5.14.02"
},
{
"model": "interlink module",
"scope": "eq",
"trust": 0.9,
"vendor": "abb",
"version": "4.6"
},
{
"model": "interlink module",
"scope": "eq",
"trust": 0.9,
"vendor": "abb",
"version": "4.9"
},
{
"model": "interlink module",
"scope": null,
"trust": 0.8,
"vendor": "abb",
"version": null
},
{
"model": "robotstudio lite",
"scope": null,
"trust": 0.8,
"vendor": "abb",
"version": null
},
{
"model": "robotstudio s4",
"scope": null,
"trust": 0.8,
"vendor": "abb",
"version": null
},
{
"model": "webware sdk",
"scope": null,
"trust": 0.8,
"vendor": "abb",
"version": null
},
{
"model": "webware server",
"scope": null,
"trust": 0.8,
"vendor": "abb",
"version": null
},
{
"model": "webware server",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": "webware sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": "s4 opc server",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": "quickteach",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": "interlink module",
"scope": "eq",
"trust": 0.3,
"vendor": "abb",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "interlink module",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "quickteach",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "robotstudio lite",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "robotstudio s4",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "s4 opc server",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webware sdk",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webware server",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "f0e62f68-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1780"
},
{
"db": "BID",
"id": "52888"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002095"
},
{
"db": "NVD",
"id": "CVE-2012-1801"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-021"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:abb:interlink_module:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:abb:webware_sdk:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:abb:s4_opc_server:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:abb:quickteach:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:abb:robotstudio_lite:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:abb:robotstudio_s4:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:abb:webware_server:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1801"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Terry McCorkle and Billy Rios",
"sources": [
{
"db": "BID",
"id": "52888"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-021"
}
],
"trust": 0.9
},
"cve": "CVE-2012-1801",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.7,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-1801",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "f0e62f68-2353-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.1,
"id": "VHN-55082",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-1801",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201204-021",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "f0e62f68-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-55082",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f0e62f68-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-55082"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002095"
},
{
"db": "NVD",
"id": "CVE-2012-1801"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-021"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, WebWare SDK, Interlink Module, S4 OPC Server, QuickTeach, RobotStudio S4, and RobotStudio Lite allow remote attackers to execute arbitrary code via crafted input data. ABB is a leader in power and automation technology among the world\u0027s top 500 companies. ABB\u0027s multiple products include COM and ActiveX controls that do not adequately check user input data, and an attacker builds a malicious WEB page, convincing the user to parse, spilling the stack pointer or causing control to stop. Multiple ABB products are prone to a remote buffer-overflow vulnerability because they fail to perform adequate boundary checks on user-supplied data. \nAttackers can exploit this issue to execute arbitrary code within the context of the application using the vulnerable control (typically Internet Explorer). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nABB Multiple Products ActiveX Control Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA48693\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48693/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48693\n\nRELEASE DATE:\n2012-04-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48693/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48693/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48693\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in various ABB products, which can\nbe exploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an error in an unspecified ActiveX\ncontrol and can be exploited to cause a stack-based buffer overflow. \n\nSuccessful exploitation may allow execution of arbitrary code. Instead, set the kill-bit for the\naffected ActiveX control (contact the vendor for more information). \n\nPROVIDED AND/OR DISCOVERED BY:\nTerry McCorkle and Billy Rios\n\nORIGINAL ADVISORY:\nABB-VU-DMRO-41532:\nhttp://www.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/$file/SI10231A2%20rev%200.pdf\n\nICSA-12-095-01:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1801"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002095"
},
{
"db": "CNVD",
"id": "CNVD-2012-1780"
},
{
"db": "BID",
"id": "52888"
},
{
"db": "IVD",
"id": "f0e62f68-2353-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-55082"
},
{
"db": "PACKETSTORM",
"id": "111606"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-1801",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-095-01A",
"trust": 2.5
},
{
"db": "BID",
"id": "52888",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "48693",
"trust": 1.9
},
{
"db": "ICS CERT",
"id": "ICSA-12-095-01",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201204-021",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-1780",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002095",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "19296",
"trust": 0.6
},
{
"db": "IVD",
"id": "F0E62F68-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-55082",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "111606",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "f0e62f68-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1780"
},
{
"db": "VULHUB",
"id": "VHN-55082"
},
{
"db": "BID",
"id": "52888"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002095"
},
{
"db": "PACKETSTORM",
"id": "111606"
},
{
"db": "NVD",
"id": "CVE-2012-1801"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-021"
}
]
},
"id": "VAR-201204-0126",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f0e62f68-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1780"
},
{
"db": "VULHUB",
"id": "VHN-55082"
}
],
"trust": 1.4885416624999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f0e62f68-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1780"
}
]
},
"last_update_date": "2023-12-18T13:57:54.096000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ABB-VU-DMRO-41532",
"trust": 0.8,
"url": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/$file/si10231a2%20rev%200.pdf"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.abb.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002095"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55082"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002095"
},
{
"db": "NVD",
"id": "CVE-2012-1801"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-095-01a.pdf"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/52888"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/48693"
},
{
"trust": 1.0,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-095-01.pdf"
},
{
"trust": 1.0,
"url": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/%24file/si10231a2%20rev%200.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1801"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1801"
},
{
"trust": 0.7,
"url": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/$file/si10231a2%20rev%200.pdf"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19296"
},
{
"trust": 0.3,
"url": "http://www.abb.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48693"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48693/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48693/#comments"
},
{
"trust": 0.1,
"url": "http://www.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/$file/si10231a2%20rev%200.pdf"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1780"
},
{
"db": "VULHUB",
"id": "VHN-55082"
},
{
"db": "BID",
"id": "52888"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002095"
},
{
"db": "PACKETSTORM",
"id": "111606"
},
{
"db": "NVD",
"id": "CVE-2012-1801"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-021"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f0e62f68-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-1780"
},
{
"db": "VULHUB",
"id": "VHN-55082"
},
{
"db": "BID",
"id": "52888"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002095"
},
{
"db": "PACKETSTORM",
"id": "111606"
},
{
"db": "NVD",
"id": "CVE-2012-1801"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-021"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-09T00:00:00",
"db": "IVD",
"id": "f0e62f68-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-04-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1780"
},
{
"date": "2012-04-18T00:00:00",
"db": "VULHUB",
"id": "VHN-55082"
},
{
"date": "2012-04-04T00:00:00",
"db": "BID",
"id": "52888"
},
{
"date": "2012-04-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002095"
},
{
"date": "2012-04-05T05:30:16",
"db": "PACKETSTORM",
"id": "111606"
},
{
"date": "2012-04-18T10:33:35.417000",
"db": "NVD",
"id": "CVE-2012-1801"
},
{
"date": "2012-04-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-021"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1780"
},
{
"date": "2017-12-20T00:00:00",
"db": "VULHUB",
"id": "VHN-55082"
},
{
"date": "2012-04-04T00:00:00",
"db": "BID",
"id": "52888"
},
{
"date": "2012-04-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002095"
},
{
"date": "2023-11-07T02:10:20.220000",
"db": "NVD",
"id": "CVE-2012-1801"
},
{
"date": "2012-04-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-021"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201204-021"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural ABB Product stack-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002095"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "f0e62f68-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-021"
}
],
"trust": 0.8
}
}
FKIE_CVE-2012-1801
Vulnerability from fkie_nvd - Published: 2012-04-18 10:33 - Updated: 2025-04-11 00:51
Severity ?
Summary
Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, WebWare SDK, Interlink Module, S4 OPC Server, QuickTeach, RobotStudio S4, and RobotStudio Lite allow remote attackers to execute arbitrary code via crafted input data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| abb | interlink_module | - | |
| abb | quickteach | - | |
| abb | robotstudio_lite | - | |
| abb | robotstudio_s4 | - | |
| abb | s4_opc_server | - | |
| abb | webware_sdk | - | |
| abb | webware_server | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:abb:interlink_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3613C59-4589-43B6-8B92-CD1D99CA5E08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:abb:quickteach:-:*:*:*:*:*:*:*",
"matchCriteriaId": "060957B9-B811-45D0-B6C6-AA3ABD8415E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:abb:robotstudio_lite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDB58170-F332-442A-8470-523DAEE3C544",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:abb:robotstudio_s4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA154046-8D05-4D9E-A1BF-65E36D9E92C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:abb:s4_opc_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F891948-4044-4D71-97E0-AB6E76830020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:abb:webware_sdk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6E8AF2-2353-48A7-805A-A11D3D689F44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:abb:webware_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B02E9A10-D707-44BF-B37E-A457BDF3BB88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, WebWare SDK, Interlink Module, S4 OPC Server, QuickTeach, RobotStudio S4, and RobotStudio Lite allow remote attackers to execute arbitrary code via crafted input data."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer basados ??en la pila en controles (1) COM y (2) ActiveX en ABB WebWare Server SDK WebWare, M\u00f3dulo de Interlink, S4 Servidor OPC, QuickTeach, S4 RobotStudio y RobotStudio Lite permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de la entrada modificada."
}
],
"id": "CVE-2012-1801",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.7,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.1,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-18T10:33:35.417",
"references": [
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/48693"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/52888"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01A.pdf"
},
{
"source": "cret@cert.org",
"url": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/%24file/SI10231A2%20rev%200.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01A.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/%24file/SI10231A2%20rev%200.pdf"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2012-1801 (GCVE-0-2012-1801)
Vulnerability from cvelistv5 – Published: 2012-04-18 10:00 – Updated: 2024-08-06 19:08
VLAI?
Summary
Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, WebWare SDK, Interlink Module, S4 OPC Server, QuickTeach, RobotStudio S4, and RobotStudio Lite allow remote attackers to execute arbitrary code via crafted input data.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:08:38.717Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01A.pdf"
},
{
"name": "48693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48693"
},
{
"name": "52888",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52888"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/%24file/SI10231A2%20rev%200.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, WebWare SDK, Interlink Module, S4 OPC Server, QuickTeach, RobotStudio S4, and RobotStudio Lite allow remote attackers to execute arbitrary code via crafted input data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-19T19:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01A.pdf"
},
{
"name": "48693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48693"
},
{
"name": "52888",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52888"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/%24file/SI10231A2%20rev%200.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-1801",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, WebWare SDK, Interlink Module, S4 OPC Server, QuickTeach, RobotStudio S4, and RobotStudio Lite allow remote attackers to execute arbitrary code via crafted input data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01A.pdf"
},
{
"name": "48693",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48693"
},
{
"name": "52888",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52888"
},
{
"name": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/$file/SI10231A2%20rev%200.pdf",
"refsource": "CONFIRM",
"url": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/$file/SI10231A2%20rev%200.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2012-1801",
"datePublished": "2012-04-18T10:00:00",
"dateReserved": "2012-03-21T00:00:00",
"dateUpdated": "2024-08-06T19:08:38.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1801 (GCVE-0-2012-1801)
Vulnerability from nvd – Published: 2012-04-18 10:00 – Updated: 2024-08-06 19:08
VLAI?
Summary
Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, WebWare SDK, Interlink Module, S4 OPC Server, QuickTeach, RobotStudio S4, and RobotStudio Lite allow remote attackers to execute arbitrary code via crafted input data.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:08:38.717Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01A.pdf"
},
{
"name": "48693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48693"
},
{
"name": "52888",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52888"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/%24file/SI10231A2%20rev%200.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, WebWare SDK, Interlink Module, S4 OPC Server, QuickTeach, RobotStudio S4, and RobotStudio Lite allow remote attackers to execute arbitrary code via crafted input data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-19T19:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01A.pdf"
},
{
"name": "48693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48693"
},
{
"name": "52888",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52888"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/%24file/SI10231A2%20rev%200.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-1801",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, WebWare SDK, Interlink Module, S4 OPC Server, QuickTeach, RobotStudio S4, and RobotStudio Lite allow remote attackers to execute arbitrary code via crafted input data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01A.pdf"
},
{
"name": "48693",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48693"
},
{
"name": "52888",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52888"
},
{
"name": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/$file/SI10231A2%20rev%200.pdf",
"refsource": "CONFIRM",
"url": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/$file/SI10231A2%20rev%200.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2012-1801",
"datePublished": "2012-04-18T10:00:00",
"dateReserved": "2012-03-21T00:00:00",
"dateUpdated": "2024-08-06T19:08:38.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}