var-201411-0359
Vulnerability from variot
Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. A stack buffer overflow vulnerability exists in Advantech WebAccess because the application failed to properly check the user-supplied data before copying it to a full-size buffer. An attacker could exploit this vulnerability to execute arbitrary code in the context of an application (usually Internet Explorer) that is affected by an ActiveX control. Failed exploit attempts will likely result in denial-of-service conditions. Advantech WebAccess 7.2 is vulnerable; other versions may also be affected. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/
Advantech WebAccess Stack-based Buffer Overflow
- Advisory Information
Title: Advantech WebAccess Stack-based Buffer Overflow Advisory ID: CORE-2014-0010 Advisory URL: http://www.coresecurity.com/advisories/advantech-webAccess-stack-based-buffer-overflow Date published: 2014-11-19 Date of last update: 2014-11-19 Vendors contacted: Advantech Release mode: Coordinated release
-
Vulnerability Description
Advantech WebAccess [1] is a browser-based software package for human-machine interfaces HMI, and supervisory control and data acquisition SCADA.
-
WebAccess 7.2 .
-
Vendor Information, Solutions and Workarounds
Given that this is a client-side vulnerability, affected users should avoid opening untrusted '.html' files. Core Security also recommends those affected use third party software such as Sentinel [3] or EMET [2] that could help to prevent the exploitation of affected systems to some extent.
Additionally the vendor released WebAccess v8 [4] where it has deleted the vulnerable file 'webeye.ocx' but if version upgrade is being performed, the vulnerable ocx file is not deleted at all, therefore we do not consider this a correct fix.
-
Credits
This vulnerability was discovered and researched by Ricardo Narvaja from Core Security Consulting Services. The publication of this advisory was coordinated by Joaqu\xedn Rodr\xedguez Varela from Core Advisories Team.
-
This is caused because the application copies to the stack the string without checking its length.
/-----
document.vdoactx.Connect(ip_address, port_no);
-----/
/-----
0001C2AA 8B11 MOV EDX,DWORD PTR DS:[ECX] 0001C2AC 8A45 08 MOV AL,BYTE PTR SS:[EBP+8] 0001C2AF 8802 MOV BYTE PTR DS:[EDX],AL 0001C2B1 FF01 INC DWORD PTR DS:[ECX] 0001C2B3 0FB6C0 MOVZX EAX,AL 0001C2B6 EB 0B JMP SHORT 0001C2C3
-----/
-
Report Timeline . 2014-10-01:
Initial notification sent to ICS-CERT informing of the vulnerability and requesting the vendor's contact information. 2014-10-01:
ICS-CERT informs that they will ask the vendor if they want to coordinate directly with us or if they prefer to have ICS-CERT mediate. They request the vulnerability report. 2014-10-01:
ICS-CERT informs that the vendor answered that they would like the ICS-CERT to mediate the coordination of the advisory. They requested again the vulnerability report. 2014-10-01:
We send the vulnerability detail, including technical description and a PoC. 2014-10-09:
We request a status update on the reported vulnerability. 2014-10-20:
ICS-CERT informs that the vendor has patched WebAccess in version 8.0 and published it. This was done without informing us in order to make a coordianted release. The ICS-CERT asks if we can test the fix. 2014-10-21:
We clearly state how we disagree with the uncoordinated published fix. We began testing the fix. 2014-10-21:
We inform them that the "webeye.ocx" file (version 1.0.1.35) is still present in the new version. 2014-10-27:
ICS-CERT informs us that the vendor has removed the vulnerable OCX file from the new version but it doesn't remove it from previous installations, making the new version still vulnerable. 2014-11-13:
We inform them that we will publish this advisory as user release on Wednesday 19th of November. 2014-11-19:
Advisory CORE-2014-0010 published.
-
References
[1] http://webaccess.advantech.com/. [2] http://support.microsoft.com/kb/2458544. [3] https://github.com/CoreSecurity/sentinel. [4] http://webaccess.advantech.com/webaccess_download.php?lang=eng.
-
About CoreLabs
CoreLabs, the research center of Core Security, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com.
-
About Core Security
Core Security enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations.
Core Security's software solutions build on over a decade of trusted research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Core Security can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com.
-
Disclaimer
The contents of this advisory are copyright (c) 2014 Core Security and (c) 2014 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/
-
PGP/GPG Keys
This advisory has been signed with the GPG key of Core Security advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201411-0359",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webaccess",
"scope": "eq",
"trust": 1.2,
"vendor": "advantech",
"version": "7.2"
},
{
"model": "webaccess",
"scope": "lte",
"trust": 1.0,
"vendor": "advantech",
"version": "7.2"
},
{
"model": "webaccess",
"scope": "lt",
"trust": 0.8,
"vendor": "advantech",
"version": "8.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webaccess",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-08420"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005588"
},
{
"db": "NVD",
"id": "CVE-2014-8388"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-391"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.2",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8388"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ricardo Narvaja from Core Security Consulting Services",
"sources": [
{
"db": "BID",
"id": "71193"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8388",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2014-8388",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-08420",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "b5ed655e-2351-11e6-abef-000c29c66e3d",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-76333",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-8388",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-08420",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201411-391",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "b5ed655e-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-76333",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-08420"
},
{
"db": "VULHUB",
"id": "VHN-76333"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005588"
},
{
"db": "NVD",
"id": "CVE-2014-8388"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-391"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document. Advantech WebAccess HMI/SCADA is an HMI/SCADA software. A stack buffer overflow vulnerability exists in Advantech WebAccess because the application failed to properly check the user-supplied data before copying it to a full-size buffer. An attacker could exploit this vulnerability to execute arbitrary code in the context of an application (usually Internet Explorer) that is affected by an ActiveX control. Failed exploit attempts will likely result in denial-of-service conditions. \nAdvantech WebAccess 7.2 is vulnerable; other versions may also be affected. The software supports dynamic graphic display and real-time data control, and provides functions of remote control and management of automation equipment. Core Security - Corelabs Advisory\nhttp://corelabs.coresecurity.com/\n\nAdvantech WebAccess Stack-based Buffer Overflow\n\n\n1. *Advisory Information*\n\nTitle: Advantech WebAccess Stack-based Buffer Overflow\nAdvisory ID: CORE-2014-0010\nAdvisory URL:\nhttp://www.coresecurity.com/advisories/advantech-webAccess-stack-based-buffer-overflow\nDate published: 2014-11-19\nDate of last update: 2014-11-19\nVendors contacted: Advantech\nRelease mode: Coordinated release\n\n\n2. *Vulnerability Description*\n\n Advantech WebAccess [1] is a browser-based software package for\nhuman-machine interfaces HMI, and supervisory control and data\nacquisition SCADA. \n \n\n4. WebAccess 7.2\n . \n\n\n5. *Vendor Information, Solutions and Workarounds*\n\n Given that this is a client-side vulnerability, affected users\nshould avoid opening untrusted \u0027.html\u0027 files. Core Security also\nrecommends those affected use third party software such as Sentinel [3]\nor EMET [2] that could help to prevent the exploitation of affected\nsystems to some extent. \n \n Additionally the vendor released WebAccess v8 [4] where it has\ndeleted the vulnerable file \u0027webeye.ocx\u0027 but if version upgrade is being\nperformed, the vulnerable ocx file is not deleted at all, therefore we\ndo not consider this a correct fix. \n \n\n6. *Credits*\n\n This vulnerability was discovered and researched by Ricardo Narvaja\nfrom Core Security Consulting Services. The publication of this advisory\nwas coordinated by Joaqu\\xedn Rodr\\xedguez Varela from Core Advisories Team. \n\n\n7. This is caused because the\napplication copies to the stack the string without checking its length. \n \n\n/-----\n \ndocument.vdoactx.Connect(ip_address, port_no);\n\n-----/\n\n\n/-----\n \n0001C2AA 8B11 MOV EDX,DWORD PTR DS:[ECX]\n0001C2AC 8A45 08 MOV AL,BYTE PTR SS:[EBP+8]\n0001C2AF 8802 MOV BYTE PTR DS:[EDX],AL\n0001C2B1 FF01 INC DWORD PTR DS:[ECX]\n0001C2B3 0FB6C0 MOVZX EAX,AL\n0001C2B6 EB 0B JMP SHORT 0001C2C3\n\n-----/\n\n\n8. *Report Timeline*\n. 2014-10-01:\n\n Initial notification sent to ICS-CERT informing of the vulnerability\nand requesting the vendor\u0027s contact information. 2014-10-01:\n\n ICS-CERT informs that they will ask the vendor if they want to\ncoordinate directly with us or if they prefer to have ICS-CERT mediate. \nThey request the vulnerability report. 2014-10-01:\n\n ICS-CERT informs that the vendor answered that they would like the\nICS-CERT to mediate the coordination of the advisory. They requested\nagain the vulnerability report. 2014-10-01:\n\n We send the vulnerability detail, including technical description\nand a PoC. 2014-10-09:\n\n We request a status update on the reported vulnerability. 2014-10-20:\n\n ICS-CERT informs that the vendor has patched WebAccess in version\n8.0 and published it. This was done without informing us in order to\nmake a coordianted release. The ICS-CERT asks if we can test the fix. 2014-10-21:\n\n We clearly state how we disagree with the uncoordinated published\nfix. We began testing the fix. 2014-10-21:\n\n We inform them that the \"webeye.ocx\" file (version 1.0.1.35) is\nstill present in the new version. 2014-10-27:\n\n ICS-CERT informs us that the vendor has removed the vulnerable OCX\nfile from the new version but it doesn\u0027t remove it from previous\ninstallations, making the new version still vulnerable. 2014-11-13:\n\n We inform them that we will publish this advisory as user release on\nWednesday 19th of November. 2014-11-19:\n\n Advisory CORE-2014-0010 published. \n \n\n9. *References*\n\n[1] http://webaccess.advantech.com/. \n[2] http://support.microsoft.com/kb/2458544. \n[3] https://github.com/CoreSecurity/sentinel. \n[4] http://webaccess.advantech.com/webaccess_download.php?lang=eng. \n\n\n10. *About CoreLabs*\n\n CoreLabs, the research center of Core Security, is charged with\nanticipating the future needs and requirements for information security\ntechnologies. We conduct our research in several important areas of\ncomputer security\nincluding system vulnerabilities, cyber attack planning and simulation,\nsource code auditing, and cryptography. Our results include problem\nformalization, identification of vulnerabilities, novel solutions and\nprototypes for new technologies. CoreLabs regularly publishes security\nadvisories, technical papers, project information and shared software\ntools for public use at: http://corelabs.coresecurity.com. \n \n\n11. *About Core Security*\n\n Core Security enables organizations to get ahead of threats with\nsecurity test and measurement solutions that continuously identify and\ndemonstrate real-world exposures to their most critical assets. Our\ncustomers can gain real visibility into their security standing, real\nvalidation of their security controls, and real metrics to more\neffectively secure their organizations. \n \n Core Security\u0027s software solutions build on over a decade of trusted\nresearch and leading-edge threat expertise from the company\u0027s Security\nConsulting Services, CoreLabs and Engineering groups. Core Security can\nbe reached at +1 (617) 399-6980 or on the Web at:\nhttp://www.coresecurity.com. \n \n\n12. *Disclaimer*\n\n The contents of this advisory are copyright (c) 2014 Core Security\nand (c) 2014 CoreLabs,\nand are licensed under a Creative Commons Attribution Non-Commercial\nShare-Alike 3.0 (United States) License:\nhttp://creativecommons.org/licenses/by-nc-sa/3.0/us/\n\n\n13. *PGP/GPG Keys*\n\n This advisory has been signed with the GPG key of Core Security\nadvisories team, which is available for download at\nhttp://www.coresecurity.com/files/attachments/core_security_advisories.asc",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8388"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005588"
},
{
"db": "CNVD",
"id": "CNVD-2014-08420"
},
{
"db": "BID",
"id": "71193"
},
{
"db": "IVD",
"id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-76333"
},
{
"db": "PACKETSTORM",
"id": "129186"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-76333",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76333"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8388",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-14-324-01",
"trust": 2.5
},
{
"db": "BID",
"id": "71193",
"trust": 1.0
},
{
"db": "CNNVD",
"id": "CNNVD-201411-391",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2014-08420",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005588",
"trust": 0.8
},
{
"db": "IVD",
"id": "B5ED655E-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "129186",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-76333",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-08420"
},
{
"db": "VULHUB",
"id": "VHN-76333"
},
{
"db": "BID",
"id": "71193"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005588"
},
{
"db": "PACKETSTORM",
"id": "129186"
},
{
"db": "NVD",
"id": "CVE-2014-8388"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-391"
}
]
},
"id": "VAR-201411-0359",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-08420"
},
{
"db": "VULHUB",
"id": "VHN-76333"
}
],
"trust": 1.33267184
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-08420"
}
]
},
"last_update_date": "2023-12-18T12:51:49.283000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://webaccess.advantech.com/"
},
{
"title": "Patch for Advantech WebAccess Stack Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/52041"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08420"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005588"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76333"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005588"
},
{
"db": "NVD",
"id": "CVE-2014-8388"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-14-324-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8388"
},
{
"trust": 0.8,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8388"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/71193"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.1,
"url": "https://github.com/coresecurity/sentinel."
},
{
"trust": 0.1,
"url": "http://webaccess.advantech.com/webaccess_download.php?lang=eng."
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc."
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com/"
},
{
"trust": 0.1,
"url": "http://webaccess.advantech.com/."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com."
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/2458544."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-8388"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-nc-sa/3.0/us/"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/advisories/advantech-webaccess-stack-based-buffer-overflow"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08420"
},
{
"db": "VULHUB",
"id": "VHN-76333"
},
{
"db": "BID",
"id": "71193"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005588"
},
{
"db": "PACKETSTORM",
"id": "129186"
},
{
"db": "NVD",
"id": "CVE-2014-8388"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-391"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-08420"
},
{
"db": "VULHUB",
"id": "VHN-76333"
},
{
"db": "BID",
"id": "71193"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005588"
},
{
"db": "PACKETSTORM",
"id": "129186"
},
{
"db": "NVD",
"id": "CVE-2014-8388"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-391"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-11-21T00:00:00",
"db": "IVD",
"id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2014-11-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-08420"
},
{
"date": "2014-11-21T00:00:00",
"db": "VULHUB",
"id": "VHN-76333"
},
{
"date": "2014-11-19T00:00:00",
"db": "BID",
"id": "71193"
},
{
"date": "2014-11-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005588"
},
{
"date": "2014-11-20T16:34:36",
"db": "PACKETSTORM",
"id": "129186"
},
{
"date": "2014-11-21T02:59:07.270000",
"db": "NVD",
"id": "CVE-2014-8388"
},
{
"date": "2014-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-391"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-11-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-08420"
},
{
"date": "2014-11-24T00:00:00",
"db": "VULHUB",
"id": "VHN-76333"
},
{
"date": "2015-07-15T00:14:00",
"db": "BID",
"id": "71193"
},
{
"date": "2014-11-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005588"
},
{
"date": "2014-11-24T14:09:54.730000",
"db": "NVD",
"id": "CVE-2014-8388"
},
{
"date": "2014-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-391"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201411-391"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Advantech WebAccess Stack Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-08420"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "b5ed655e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-391"
}
],
"trust": 0.8
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.