CVE-2012-1801

{"id": "CVE-2012-1801", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.7, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 5.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-04-18T10:33:35.417", "references": [{"url": "http://secunia.com/advisories/48693", "source": "cret@cert.org"}, {"url": "http://www.securityfocus.com/bid/52888", "source": "cret@cert.org"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01A.pdf", "tags": ["US Government Resource"], "source": "cret@cert.org"}, {"url": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/%24file/SI10231A2%20rev%200.pdf", "source": "cret@cert.org"}, {"url": "http://secunia.com/advisories/48693", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/52888", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01A.pdf", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/%24file/SI10231A2%20rev%200.pdf", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, WebWare SDK, Interlink Module, S4 OPC Server, QuickTeach, RobotStudio S4, and RobotStudio Lite allow remote attackers to execute arbitrary code via crafted input data."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer basados ??en la pila en controles (1) COM y (2) ActiveX en ABB WebWare Server SDK WebWare, M\u00f3dulo de Interlink, S4 Servidor OPC, QuickTeach, S4 RobotStudio y RobotStudio Lite permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de la entrada modificada."}], "lastModified": "2024-11-21T01:37:48.583", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:abb:interlink_module:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3613C59-4589-43B6-8B92-CD1D99CA5E08"}, {"criteria": "cpe:2.3:a:abb:quickteach:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "060957B9-B811-45D0-B6C6-AA3ABD8415E1"}, {"criteria": "cpe:2.3:a:abb:robotstudio_lite:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDB58170-F332-442A-8470-523DAEE3C544"}, {"criteria": "cpe:2.3:a:abb:robotstudio_s4:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA154046-8D05-4D9E-A1BF-65E36D9E92C8"}, {"criteria": "cpe:2.3:a:abb:s4_opc_server:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F891948-4044-4D71-97E0-AB6E76830020"}, {"criteria": "cpe:2.3:a:abb:webware_sdk:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C6E8AF2-2353-48A7-805A-A11D3D689F44"}, {"criteria": "cpe:2.3:a:abb:webware_server:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B02E9A10-D707-44BF-B37E-A457BDF3BB88"}], "operator": "OR"}]}], "sourceIdentifier": "cret@cert.org"}