VAR-201304-0009
Vulnerability from variot - Updated: 2023-12-18 12:21Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a UDP packet with a certain integer length value that is (1) too large or (2) too small, leading to improper handling by Logger.dll. RSLinx Enterprise is a standard OPC server software that bridges the communication between RSView Server and PLC. RSLinx Enterprise (LogReceiver.exe and Logger.dll) does not process the input correctly. Receiving a very large packet can cause a logic error. The attacker sends a data containing a very large byte size to the 4444/UDP port (user configurable, not enabled by default). A package that stops the service or may cause arbitrary code execution. The following products are affected by this vulnerability: CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1 and CPR9-SR6. RSLinx Enterprise is prone to a denial-of-service vulnerability because the application fails to properly handle the input submitted to it. An attacker can exploit this issue to terminate the affected service of the vulnerable application, denying service to legitimate users. Due to nature of this issue code execution is possible but Symantec has not confirmed it. Note: This BID is being retired as a duplicate of the issue discussed in BID 58917 (RSLinx Enterprise 'Logger.dll' CVE-2012-4695 Denial of Service Vulnerability). The following versions are affected: RSLinx Enterprise CPR9-SR2 RSLinx Enterprise CPR9-SR3 RSLinx Enterprise CPR9-SR4 RSLinx Enterprise CPR9-SR5 RSLinx Enterprise CPR9-SR5.1 RSLinx Enterprise CPR9-SR6. This software can establish communication links for Allen-Bradley (AB) programmable controllers, various Rockwell software, and AB application software. A buffer overflow vulnerability exists in LogReceiver.exe in Rockwell Automation RSLinx Enterprise
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201304-0009",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cpr9",
"scope": null,
"trust": 4.8,
"vendor": "rslinx",
"version": null
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 1.6,
"vendor": "rockwellautomation",
"version": "cpr9"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr1"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr2"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr3"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr4"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr5"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr5.1"
},
{
"model": "rslinx enterprise",
"scope": "eq",
"trust": 0.8,
"vendor": "rockwell automation",
"version": "cpr9-sr6"
},
{
"model": "automation rslinx enterprise software",
"scope": null,
"trust": 0.6,
"vendor": "rockwell",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "fb1ea858-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "fb189e90-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "faef2e48-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02790"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002410"
},
{
"db": "NVD",
"id": "CVE-2012-4715"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-066"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:rslinx_enterprise:cpr9:sr4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:rslinx_enterprise:cpr9:sr5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:rslinx_enterprise:cpr9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:rslinx_enterprise:cpr9:sr1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:rslinx_enterprise:cpr9:sr5.1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:rslinx_enterprise:cpr9:sr6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:rslinx_enterprise:cpr9:sr2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:rockwellautomation:rslinx_enterprise:cpr9:sr3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4715"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Carsten Eiram of Risk Based Security",
"sources": [
{
"db": "BID",
"id": "58915"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-066"
}
],
"trust": 0.9
},
"cve": "CVE-2012-4715",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-4715",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-02790",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "fb1ea858-2352-11e6-abef-000c29c66e3d",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "fb189e90-2352-11e6-abef-000c29c66e3d",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "faef2e48-2352-11e6-abef-000c29c66e3d",
"impactScore": 7.8,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-57996",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-4715",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-02790",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201304-066",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "fb1ea858-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "fb189e90-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "faef2e48-2352-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-57996",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "fb1ea858-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "fb189e90-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "faef2e48-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02790"
},
{
"db": "VULHUB",
"id": "VHN-57996"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002410"
},
{
"db": "NVD",
"id": "CVE-2012-4715"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-066"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a UDP packet with a certain integer length value that is (1) too large or (2) too small, leading to improper handling by Logger.dll. RSLinx Enterprise is a standard OPC server software that bridges the communication between RSView Server and PLC. RSLinx Enterprise (LogReceiver.exe and Logger.dll) does not process the input correctly. Receiving a very large packet can cause a logic error. The attacker sends a data containing a very large byte size to the 4444/UDP port (user configurable, not enabled by default). A package that stops the service or may cause arbitrary code execution. The following products are affected by this vulnerability: CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1 and CPR9-SR6. RSLinx Enterprise is prone to a denial-of-service vulnerability because the application fails to properly handle the input submitted to it. \nAn attacker can exploit this issue to terminate the affected service of the vulnerable application, denying service to legitimate users. Due to nature of this issue code execution is possible but Symantec has not confirmed it. \nNote: This BID is being retired as a duplicate of the issue discussed in BID 58917 (RSLinx Enterprise \u0027Logger.dll\u0027 CVE-2012-4695 Denial of Service Vulnerability). \nThe following versions are affected:\nRSLinx Enterprise CPR9-SR2\nRSLinx Enterprise CPR9-SR3\nRSLinx Enterprise CPR9-SR4\nRSLinx Enterprise CPR9-SR5\nRSLinx Enterprise CPR9-SR5.1\nRSLinx Enterprise CPR9-SR6. This software can establish communication links for Allen-Bradley (AB) programmable controllers, various Rockwell software, and AB application software. A buffer overflow vulnerability exists in LogReceiver.exe in Rockwell Automation RSLinx Enterprise",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4715"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002410"
},
{
"db": "CNVD",
"id": "CNVD-2013-02790"
},
{
"db": "BID",
"id": "58915"
},
{
"db": "IVD",
"id": "fb1ea858-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "fb189e90-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "faef2e48-2352-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-57996"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4715",
"trust": 4.0
},
{
"db": "ICS CERT",
"id": "ICSA-13-095-02",
"trust": 3.1
},
{
"db": "BID",
"id": "58915",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-201304-066",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2013-02790",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002410",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "52808",
"trust": 0.6
},
{
"db": "IVD",
"id": "FB1EA858-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "FB189E90-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "FAEF2E48-2352-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-57996",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "fb1ea858-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "fb189e90-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "faef2e48-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02790"
},
{
"db": "VULHUB",
"id": "VHN-57996"
},
{
"db": "BID",
"id": "58915"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002410"
},
{
"db": "NVD",
"id": "CVE-2012-4715"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-066"
}
]
},
"id": "VAR-201304-0009",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "fb1ea858-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "fb189e90-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "faef2e48-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02790"
},
{
"db": "VULHUB",
"id": "VHN-57996"
}
],
"trust": 2.3
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "IVD",
"id": "fb1ea858-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "fb189e90-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "faef2e48-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02790"
}
]
},
"last_update_date": "2023-12-18T12:21:47.439000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.rockwellautomation.com/"
},
{
"title": "Partner",
"trust": 0.8,
"url": "http://jp.rockwellautomation.com/applications/gs/ap/gsjp.nsf/pages/partner"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://jp.rockwellautomation.com/"
},
{
"title": "Patch for RSLinx Enterprise \u0027Logger.dll\u0027 Remote Denial of Service Vulnerability ( CNVD-2013-21804 )",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33159"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02790"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002410"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-57996"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002410"
},
{
"db": "NVD",
"id": "CVE-2012-4715"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://ics-cert.us-cert.gov/pdf/icsa-13-095-02.pdf"
},
{
"trust": 2.3,
"url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4715"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4715"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52808"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/58915"
},
{
"trust": 0.3,
"url": "http://www.rockwellautomation.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02790"
},
{
"db": "VULHUB",
"id": "VHN-57996"
},
{
"db": "BID",
"id": "58915"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002410"
},
{
"db": "NVD",
"id": "CVE-2012-4715"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-066"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "fb1ea858-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "fb189e90-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "faef2e48-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02790"
},
{
"db": "VULHUB",
"id": "VHN-57996"
},
{
"db": "BID",
"id": "58915"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002410"
},
{
"db": "NVD",
"id": "CVE-2012-4715"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-066"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-09T00:00:00",
"db": "IVD",
"id": "fb1ea858-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-04-09T00:00:00",
"db": "IVD",
"id": "fb189e90-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-04-09T00:00:00",
"db": "IVD",
"id": "faef2e48-2352-11e6-abef-000c29c66e3d"
},
{
"date": "2013-04-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02790"
},
{
"date": "2013-04-18T00:00:00",
"db": "VULHUB",
"id": "VHN-57996"
},
{
"date": "2013-04-05T00:00:00",
"db": "BID",
"id": "58915"
},
{
"date": "2013-04-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002410"
},
{
"date": "2013-04-18T11:33:02.067000",
"db": "NVD",
"id": "CVE-2012-4715"
},
{
"date": "2013-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-066"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02790"
},
{
"date": "2013-10-02T00:00:00",
"db": "VULHUB",
"id": "VHN-57996"
},
{
"date": "2013-10-09T01:06:00",
"db": "BID",
"id": "58915"
},
{
"date": "2013-04-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002410"
},
{
"date": "2013-10-02T04:18:36.310000",
"db": "NVD",
"id": "CVE-2012-4715"
},
{
"date": "2013-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-066"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-066"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rockwell Automation RSLinx Enterprise of LogReceiver.exe Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002410"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "fb1ea858-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "fb189e90-2352-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "faef2e48-2352-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-066"
}
],
"trust": 1.2
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…