VAR-201008-0279
Vulnerability from variot - Updated: 2023-12-18 12:22Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control in Wonderware Application Server (WAS) before 3.1 SP2 P01, as used in the Wonderware Archestra Integrated Development Environment (IDE) and the InFusion Integrated Engineering Environment (IEE), allows remote attackers to execute arbitrary code via the first argument to the UnsubscribeData method. Wonderware Archestra ConfigurationAccessComponent ActiveX The control contains a buffer overflow vulnerability. The UnsubscribeData method of the IConfigurationAccess interface privately wcscpy() copies the first parameter to the static size buffer, which can trigger a buffer overflow. Successful exploitation of a vulnerability can execute arbitrary instructions with application privileges. Wonderware Archestra ConfigurationAccessComponent ActiveX control is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Failed attempts will likely result in denial-of-service conditions. The vulnerable ActiveX control is included in the following products: Wonderware Application Server prior to 3.1 Service Pack 2 Patch 01
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201008-0279",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware application server",
"scope": "eq",
"trust": 1.6,
"vendor": "invensys",
"version": "3.1"
},
{
"model": "wonderware archestra configuration access component activex control",
"scope": null,
"trust": 1.6,
"vendor": "invensys",
"version": null
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 1.2,
"vendor": "invensys",
"version": "3.0"
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 1.2,
"vendor": "invensys",
"version": "2.1"
},
{
"model": "wonderware application server",
"scope": "eq",
"trust": 1.2,
"vendor": "invensys",
"version": "2.0"
},
{
"model": "wonderware application server",
"scope": "lte",
"trust": 1.0,
"vendor": "invensys",
"version": "3.1"
},
{
"model": "wonderware archestra configuration access component activex control",
"scope": "eq",
"trust": 1.0,
"vendor": "invensys",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.8,
"vendor": "wonderware application server",
"version": "3.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "invensys",
"version": null
},
{
"model": "wonderware application server",
"scope": "lt",
"trust": 0.8,
"vendor": "invensys",
"version": "3.1 sp2 p01"
},
{
"model": "wonderware application server",
"scope": "lt",
"trust": 0.8,
"vendor": "invensys",
"version": "3.1 service pack 2 patch 01 earlier"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "4.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware archestra configuration access component activex control",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "infusion integrated engineering environment",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware application server",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware application server",
"version": "2.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware application server",
"version": "3.0"
},
{
"model": null,
"scope": "lte",
"trust": 0.4,
"vendor": "wonderware application server",
"version": "\u003c=3.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware archestra integrated environment",
"version": "*"
},
{
"model": "wonderware application server",
"scope": "lte",
"trust": 0.2,
"vendor": "invensys",
"version": "\u003c=3.1"
}
],
"sources": [
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#703189"
},
{
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001891"
},
{
"db": "NVD",
"id": "CVE-2010-2974"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_archestra_configuration_access_component_activex_control:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_archestra_integrated_development_environment:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:*:sp2:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:infusion_integrated_engineering_environment:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:3.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:invensys:wonderware_application_server:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2974"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IOActive",
"sources": [
{
"db": "BID",
"id": "42184"
}
],
"trust": 0.3
},
"cve": "CVE-2010-2974",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2010-2974",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "7d722f70-463f-11e9-b02f-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-45579",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-2974",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#703189",
"trust": 0.8,
"value": "5.06"
},
{
"author": "CNNVD",
"id": "CNNVD-201008-052",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-45579",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#703189"
},
{
"db": "VULHUB",
"id": "VHN-45579"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"db": "NVD",
"id": "CVE-2010-2974"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control in Wonderware Application Server (WAS) before 3.1 SP2 P01, as used in the Wonderware Archestra Integrated Development Environment (IDE) and the InFusion Integrated Engineering Environment (IEE), allows remote attackers to execute arbitrary code via the first argument to the UnsubscribeData method. Wonderware Archestra ConfigurationAccessComponent ActiveX The control contains a buffer overflow vulnerability. The UnsubscribeData method of the IConfigurationAccess interface privately wcscpy() copies the first parameter to the static size buffer, which can trigger a buffer overflow. Successful exploitation of a vulnerability can execute arbitrary instructions with application privileges. Wonderware Archestra ConfigurationAccessComponent ActiveX control is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Failed attempts will likely result in denial-of-service conditions. \nThe vulnerable ActiveX control is included in the following products:\nWonderware Application Server prior to 3.1 Service Pack 2 Patch 01",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2974"
},
{
"db": "CERT/CC",
"id": "VU#703189"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001891"
},
{
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"db": "BID",
"id": "42184"
},
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-45579"
}
],
"trust": 4.5
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#703189",
"trust": 5.0
},
{
"db": "NVD",
"id": "CVE-2010-2974",
"trust": 3.4
},
{
"db": "CNNVD",
"id": "CNNVD-201008-052",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2010-1498",
"trust": 1.0
},
{
"db": "BID",
"id": "42184",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004992",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001891",
"trust": 0.8
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-11-230-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "46BCFBBA-1FB2-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D722F70-463F-11E9-B02F-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "00D1A20C-2356-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-45579",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#703189"
},
{
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"db": "VULHUB",
"id": "VHN-45579"
},
{
"db": "BID",
"id": "42184"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001891"
},
{
"db": "NVD",
"id": "CVE-2010-2974"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
]
},
"id": "VAR-201008-0279",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"db": "VULHUB",
"id": "VHN-45579"
}
],
"trust": 1.9142241500000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1498"
}
]
},
"last_update_date": "2023-12-18T12:22:24.405000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top page",
"trust": 0.8,
"url": "http://wonderwarepacwest.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://support.ips.invensys.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001891"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-45579"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"db": "NVD",
"id": "CVE-2010-2974"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.2,
"url": "http://www.kb.cert.org/vuls/id/703189"
},
{
"trust": 2.0,
"url": "http://www.pacwest.wonderware.com/web/news/newsdetails.aspx?newsid=203108"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/moro-87mhpt"
},
{
"trust": 1.7,
"url": "https://wdnresource.wonderware.com/support/kbcd/html/1/t002492.htm"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://wdn.wonderware.com(registrationrequired).http://support.ips.invensys.com(registrationrequired).http://www.pacwest.wonderware.com/web/news/newsdetails.aspx?newsid=203108https://wdnresource.wonderware.com/support/kbcd/html/1/t002492.htm(registrationrequired)"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2974"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2974"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu703189"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/cert_web/services/vul-notes.nsf/6eacfaeab94596f5852569290066a50b/b96f3df70ef05a8f85257775004f739a"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-230-01.pdf"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#703189"
},
{
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"db": "VULHUB",
"id": "VHN-45579"
},
{
"db": "BID",
"id": "42184"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001891"
},
{
"db": "NVD",
"id": "CVE-2010-2974"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CERT/CC",
"id": "VU#703189"
},
{
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"db": "VULHUB",
"id": "VHN-45579"
},
{
"db": "BID",
"id": "42184"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001891"
},
{
"db": "NVD",
"id": "CVE-2010-2974"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-08-06T00:00:00",
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"date": "2010-08-06T00:00:00",
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"date": "2010-08-09T00:00:00",
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"date": "2010-08-04T00:00:00",
"db": "CERT/CC",
"id": "VU#703189"
},
{
"date": "2010-08-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"date": "2010-08-05T00:00:00",
"db": "VULHUB",
"id": "VHN-45579"
},
{
"date": "2010-08-04T00:00:00",
"db": "BID",
"id": "42184"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"date": "2010-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001891"
},
{
"date": "2010-08-05T19:17:55.543000",
"db": "NVD",
"id": "CVE-2010-2974"
},
{
"date": "2010-08-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-08-05T00:00:00",
"db": "CERT/CC",
"id": "VU#703189"
},
{
"date": "2010-08-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"date": "2010-08-09T00:00:00",
"db": "VULHUB",
"id": "VHN-45579"
},
{
"date": "2011-08-19T17:10:00",
"db": "BID",
"id": "42184"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-004992"
},
{
"date": "2010-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001891"
},
{
"date": "2010-08-09T04:00:00",
"db": "NVD",
"id": "CVE-2010-2974"
},
{
"date": "2011-07-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wonderware Archestra ConfigurationAccessComponent Stack Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2010-1498"
},
{
"db": "BID",
"id": "42184"
}
],
"trust": 1.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "46bcfbba-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d722f70-463f-11e9-b02f-000c29342cb1"
},
{
"db": "IVD",
"id": "00d1a20c-2356-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-052"
}
],
"trust": 1.2
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…