Vulnerabilites related to 3s-software - codesys_gateway-server
cve-2012-4705
Vulnerability from cvelistv5
Published
2013-02-24 11:00
Modified
2024-08-06 20:42
Severity ?
Summary
Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname.
References
http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01Ax_refsource_MISC
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:42:55.138Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-05-21T09:00:00",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2012-4705",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A",
              "refsource": "MISC",
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2012-4705",
    "datePublished": "2013-02-24T11:00:00",
    "dateReserved": "2012-08-28T00:00:00",
    "dateUpdated": "2024-08-06T20:42:55.138Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-4704
Vulnerability from cvelistv5
Published
2013-02-24 11:00
Modified
2024-08-06 20:42
Severity ?
Summary
Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet.
References
http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01Ax_refsource_MISC
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:42:55.155Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-05-21T09:00:00",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2012-4704",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A",
              "refsource": "MISC",
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2012-4704",
    "datePublished": "2013-02-24T11:00:00",
    "dateReserved": "2012-08-28T00:00:00",
    "dateUpdated": "2024-08-06T20:42:55.155Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-4707
Vulnerability from cvelistv5
Published
2013-02-24 11:00
Modified
2024-08-06 20:42
Severity ?
Summary
3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors that trigger an out-of-bounds memory access.
References
http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01Ax_refsource_MISC
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:42:55.126Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors that trigger an out-of-bounds memory access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-05-21T09:00:00",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2012-4707",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors that trigger an out-of-bounds memory access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A",
              "refsource": "MISC",
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2012-4707",
    "datePublished": "2013-02-24T11:00:00",
    "dateReserved": "2012-08-28T00:00:00",
    "dateUpdated": "2024-08-06T20:42:55.126Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-4706
Vulnerability from cvelistv5
Published
2013-02-24 11:00
Modified
2024-08-06 20:42
Severity ?
Summary
Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow.
References
http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01Ax_refsource_MISC
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:42:55.136Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-05-21T09:00:00",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2012-4706",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A",
              "refsource": "MISC",
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2012-4706",
    "datePublished": "2013-02-24T11:00:00",
    "dateReserved": "2012-08-28T00:00:00",
    "dateUpdated": "2024-08-06T20:42:55.136Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-2781
Vulnerability from cvelistv5
Published
2013-05-23 10:00
Modified
2024-09-16 22:25
Severity ?
Summary
Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.
References
http://ics-cert.us-cert.gov/advisories/ICSA-13-142-01x_refsource_MISC
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:44:33.684Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-142-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-05-23T10:00:00Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-142-01"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2013-2781",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-142-01",
              "refsource": "MISC",
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-142-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2013-2781",
    "datePublished": "2013-05-23T10:00:00Z",
    "dateReserved": "2013-04-11T00:00:00Z",
    "dateUpdated": "2024-09-16T22:25:44.349Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-4708
Vulnerability from cvelistv5
Published
2013-02-24 11:00
Modified
2024-08-06 20:42
Severity ?
Summary
Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet.
References
http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01Ax_refsource_MISC
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:42:54.995Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-05-21T09:00:00",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2012-4708",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A",
              "refsource": "MISC",
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2012-4708",
    "datePublished": "2013-02-24T11:00:00",
    "dateReserved": "2012-08-28T00:00:00",
    "dateUpdated": "2024-08-06T20:42:54.995Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2013-02-24 11:48
Modified
2024-11-21 01:43
Severity ?
Summary
3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors that trigger an out-of-bounds memory access.
References
ics-cert@hq.dhs.govhttp://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A
af854a3a-2127-422b-91ae-364da2661108http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A
Impacted products
Vendor Product Version
3s-software codesys_gateway-server *
3s-software codesys_gateway-server 2.3.5.1
3s-software codesys_gateway-server 2.3.5.2
3s-software codesys_gateway-server 2.3.5.3
3s-software codesys_gateway-server 2.3.6.0
3s-software codesys_gateway-server 2.3.7.0
3s-software codesys_gateway-server 2.3.8.0
3s-software codesys_gateway-server 2.3.8.1
3s-software codesys_gateway-server 2.3.8.2
3s-software codesys_gateway-server 2.3.9
3s-software codesys_gateway-server 2.3.9.1
3s-software codesys_gateway-server 2.3.9.2
3s-software codesys_gateway-server 2.3.9.3
3s-software codesys_gateway-server 2.3.9.4
3s-software codesys_gateway-server 2.3.9.5
3s-software codesys_gateway-server 2.3.9.18


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D87A411-DFDE-4706-A9A2-BE0A18C07BCB",
              "versionEndIncluding": "2.3.9.19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "39D74F9E-C823-4410-9808-0BE4D539C58A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F43CF01-BA5C-4019-AFCC-94F1870FF797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A96F44BD-13FD-4F8D-819A-E8FE1540AD81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "752184AF-4778-42CA-9A4C-C726143DB5AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB0A643-941B-4CB7-AB18-450C2657A46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DB71617-0CF5-4AB6-A402-A0C618AE5808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8318B0-E4FB-4C61-AD99-C3637FE2BF0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCB6D6EE-1ABB-490A-95EE-A78DAA608D2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9417285-52FE-445C-9072-0BA347A24E40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "414ED2C5-CB35-477B-81AD-0E59AF4D25A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA2C659-888F-40EF-96EB-D352E755F343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EF459E4-47EC-498C-82A5-50C8DD3127B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6319826B-AAF2-4789-A0FD-D90F11065E03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD9184C3-EC1D-4890-AB02-C48BB8D81960",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E09E0E1-F8A9-4DEA-85A4-615E3B0F02BA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors that trigger an out-of-bounds memory access."
    },
    {
      "lang": "es",
      "value": "3S CODESYS Gateway-Server anterior a v2.3.9.27, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores que lanzan un acceso a memoria fuera de rango."
    }
  ],
  "id": "CVE-2012-4707",
  "lastModified": "2024-11-21T01:43:23.553",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-02-24T11:48:21.143",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2013-02-24 11:48
Modified
2024-11-21 01:43
Severity ?
Summary
Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname.
References
ics-cert@hq.dhs.govhttp://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A
af854a3a-2127-422b-91ae-364da2661108http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A
Impacted products
Vendor Product Version
3s-software codesys_gateway-server *
3s-software codesys_gateway-server 2.3.5.1
3s-software codesys_gateway-server 2.3.5.2
3s-software codesys_gateway-server 2.3.5.3
3s-software codesys_gateway-server 2.3.6.0
3s-software codesys_gateway-server 2.3.7.0
3s-software codesys_gateway-server 2.3.8.0
3s-software codesys_gateway-server 2.3.8.1
3s-software codesys_gateway-server 2.3.8.2
3s-software codesys_gateway-server 2.3.9
3s-software codesys_gateway-server 2.3.9.1
3s-software codesys_gateway-server 2.3.9.2
3s-software codesys_gateway-server 2.3.9.3
3s-software codesys_gateway-server 2.3.9.4
3s-software codesys_gateway-server 2.3.9.5
3s-software codesys_gateway-server 2.3.9.18
3s-software codesys_gateway-server 2.3.9.19


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBDE03A6-E0DB-4F26-9787-5645D8CB5B24",
              "versionEndIncluding": "2.3.9.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "39D74F9E-C823-4410-9808-0BE4D539C58A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F43CF01-BA5C-4019-AFCC-94F1870FF797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A96F44BD-13FD-4F8D-819A-E8FE1540AD81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "752184AF-4778-42CA-9A4C-C726143DB5AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB0A643-941B-4CB7-AB18-450C2657A46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DB71617-0CF5-4AB6-A402-A0C618AE5808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8318B0-E4FB-4C61-AD99-C3637FE2BF0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCB6D6EE-1ABB-490A-95EE-A78DAA608D2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9417285-52FE-445C-9072-0BA347A24E40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "414ED2C5-CB35-477B-81AD-0E59AF4D25A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA2C659-888F-40EF-96EB-D352E755F343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EF459E4-47EC-498C-82A5-50C8DD3127B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6319826B-AAF2-4789-A0FD-D90F11065E03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD9184C3-EC1D-4890-AB02-C48BB8D81960",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E09E0E1-F8A9-4DEA-85A4-615E3B0F02BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "56974039-888C-45E8-9648-D0E38F72E439",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de salto de directorio en CoDeSys Gateway-3S Server antes v2.3.9.27 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores relacionados con una ruta dise\u00f1ada."
    }
  ],
  "id": "CVE-2012-4705",
  "lastModified": "2024-11-21T01:43:23.337",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-02-24T11:48:21.063",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2013-02-24 11:48
Modified
2024-11-21 01:43
Severity ?
Summary
Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet.
References
ics-cert@hq.dhs.govhttp://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A
af854a3a-2127-422b-91ae-364da2661108http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A
Impacted products
Vendor Product Version
3s-software codesys_gateway-server *
3s-software codesys_gateway-server 2.3.5.1
3s-software codesys_gateway-server 2.3.5.2
3s-software codesys_gateway-server 2.3.5.3
3s-software codesys_gateway-server 2.3.6.0
3s-software codesys_gateway-server 2.3.7.0
3s-software codesys_gateway-server 2.3.8.0
3s-software codesys_gateway-server 2.3.8.1
3s-software codesys_gateway-server 2.3.8.2
3s-software codesys_gateway-server 2.3.9
3s-software codesys_gateway-server 2.3.9.1
3s-software codesys_gateway-server 2.3.9.2
3s-software codesys_gateway-server 2.3.9.3
3s-software codesys_gateway-server 2.3.9.4
3s-software codesys_gateway-server 2.3.9.5
3s-software codesys_gateway-server 2.3.9.18
3s-software codesys_gateway-server 2.3.9.19


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBDE03A6-E0DB-4F26-9787-5645D8CB5B24",
              "versionEndIncluding": "2.3.9.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "39D74F9E-C823-4410-9808-0BE4D539C58A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F43CF01-BA5C-4019-AFCC-94F1870FF797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A96F44BD-13FD-4F8D-819A-E8FE1540AD81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "752184AF-4778-42CA-9A4C-C726143DB5AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB0A643-941B-4CB7-AB18-450C2657A46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DB71617-0CF5-4AB6-A402-A0C618AE5808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8318B0-E4FB-4C61-AD99-C3637FE2BF0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCB6D6EE-1ABB-490A-95EE-A78DAA608D2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9417285-52FE-445C-9072-0BA347A24E40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "414ED2C5-CB35-477B-81AD-0E59AF4D25A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA2C659-888F-40EF-96EB-D352E755F343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EF459E4-47EC-498C-82A5-50C8DD3127B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6319826B-AAF2-4789-A0FD-D90F11065E03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD9184C3-EC1D-4890-AB02-C48BB8D81960",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E09E0E1-F8A9-4DEA-85A4-615E3B0F02BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "56974039-888C-45E8-9648-D0E38F72E439",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet."
    },
    {
      "lang": "es",
      "value": "Errores de \u00ednidce en la matriz en CODESYS Gateway-Server antes de v2.3.9.27 que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un paquete hecho a mano."
    }
  ],
  "id": "CVE-2012-4704",
  "lastModified": "2024-11-21T01:43:23.230",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-02-24T11:48:21.033",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2013-05-23 13:36
Modified
2024-11-21 01:52
Severity ?
Summary
Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.
References
ics-cert@hq.dhs.govhttp://ics-cert.us-cert.gov/advisories/ICSA-13-142-01US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://ics-cert.us-cert.gov/advisories/ICSA-13-142-01US Government Resource
Impacted products
Vendor Product Version
3s-software codesys_gateway-server 2.3.9.27


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "55166023-DE9C-4D64-8BDD-7213868609C0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad \"usar despu\u00e9s de liberar\" en el servidor de aplicaciones de 3S CODESYS Gateway v2.3.9.27 permite a atacantes remotos causar una denegaci\u00f3n de servicios (ca\u00edda del demonio) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2013-2781",
  "lastModified": "2024-11-21T01:52:21.360",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-05-23T13:36:30.423",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-142-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-142-01"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2013-02-24 11:48
Modified
2024-11-21 01:43
Severity ?
Summary
Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet.
References
ics-cert@hq.dhs.govhttp://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A
af854a3a-2127-422b-91ae-364da2661108http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A
Impacted products
Vendor Product Version
3s-software codesys_gateway-server *
3s-software codesys_gateway-server 2.3.5.1
3s-software codesys_gateway-server 2.3.5.2
3s-software codesys_gateway-server 2.3.5.3
3s-software codesys_gateway-server 2.3.6.0
3s-software codesys_gateway-server 2.3.7.0
3s-software codesys_gateway-server 2.3.8.0
3s-software codesys_gateway-server 2.3.8.1
3s-software codesys_gateway-server 2.3.8.2
3s-software codesys_gateway-server 2.3.9
3s-software codesys_gateway-server 2.3.9.1
3s-software codesys_gateway-server 2.3.9.2
3s-software codesys_gateway-server 2.3.9.3
3s-software codesys_gateway-server 2.3.9.4
3s-software codesys_gateway-server 2.3.9.5
3s-software codesys_gateway-server 2.3.9.18
3s-software codesys_gateway-server 2.3.9.19


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBDE03A6-E0DB-4F26-9787-5645D8CB5B24",
              "versionEndIncluding": "2.3.9.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "39D74F9E-C823-4410-9808-0BE4D539C58A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F43CF01-BA5C-4019-AFCC-94F1870FF797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A96F44BD-13FD-4F8D-819A-E8FE1540AD81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "752184AF-4778-42CA-9A4C-C726143DB5AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB0A643-941B-4CB7-AB18-450C2657A46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DB71617-0CF5-4AB6-A402-A0C618AE5808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8318B0-E4FB-4C61-AD99-C3637FE2BF0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCB6D6EE-1ABB-490A-95EE-A78DAA608D2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9417285-52FE-445C-9072-0BA347A24E40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "414ED2C5-CB35-477B-81AD-0E59AF4D25A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA2C659-888F-40EF-96EB-D352E755F343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EF459E4-47EC-498C-82A5-50C8DD3127B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6319826B-AAF2-4789-A0FD-D90F11065E03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD9184C3-EC1D-4890-AB02-C48BB8D81960",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E09E0E1-F8A9-4DEA-85A4-615E3B0F02BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "56974039-888C-45E8-9648-D0E38F72E439",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en 3S CODESYS Gateway-Server anterior a v 2.3.9.27, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un paquete manipulado."
    }
  ],
  "id": "CVE-2012-4708",
  "lastModified": "2024-11-21T01:43:23.663",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-02-24T11:48:21.190",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2013-02-24 11:48
Modified
2024-11-21 01:43
Severity ?
Summary
Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow.
References
ics-cert@hq.dhs.govhttp://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A
af854a3a-2127-422b-91ae-364da2661108http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A
Impacted products
Vendor Product Version
3s-software codesys_gateway-server *
3s-software codesys_gateway-server 2.3.5.1
3s-software codesys_gateway-server 2.3.5.2
3s-software codesys_gateway-server 2.3.5.3
3s-software codesys_gateway-server 2.3.6.0
3s-software codesys_gateway-server 2.3.7.0
3s-software codesys_gateway-server 2.3.8.0
3s-software codesys_gateway-server 2.3.8.1
3s-software codesys_gateway-server 2.3.8.2
3s-software codesys_gateway-server 2.3.9
3s-software codesys_gateway-server 2.3.9.1
3s-software codesys_gateway-server 2.3.9.2
3s-software codesys_gateway-server 2.3.9.3
3s-software codesys_gateway-server 2.3.9.4
3s-software codesys_gateway-server 2.3.9.5
3s-software codesys_gateway-server 2.3.9.18
3s-software codesys_gateway-server 2.3.9.19


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBDE03A6-E0DB-4F26-9787-5645D8CB5B24",
              "versionEndIncluding": "2.3.9.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "39D74F9E-C823-4410-9808-0BE4D539C58A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F43CF01-BA5C-4019-AFCC-94F1870FF797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A96F44BD-13FD-4F8D-819A-E8FE1540AD81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "752184AF-4778-42CA-9A4C-C726143DB5AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB0A643-941B-4CB7-AB18-450C2657A46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DB71617-0CF5-4AB6-A402-A0C618AE5808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8318B0-E4FB-4C61-AD99-C3637FE2BF0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCB6D6EE-1ABB-490A-95EE-A78DAA608D2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9417285-52FE-445C-9072-0BA347A24E40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "414ED2C5-CB35-477B-81AD-0E59AF4D25A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA2C659-888F-40EF-96EB-D352E755F343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EF459E4-47EC-498C-82A5-50C8DD3127B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6319826B-AAF2-4789-A0FD-D90F11065E03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD9184C3-EC1D-4890-AB02-C48BB8D81960",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E09E0E1-F8A9-4DEA-85A4-615E3B0F02BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:3s-software:codesys_gateway-server:2.3.9.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "56974039-888C-45E8-9648-D0E38F72E439",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "Error de asignaci\u00f3n de entero en 3S CODESYS Gateway-Server anterior a v2.3.9.27, permite a atacantes remotos provocar una denegaci\u00f3n de servicio a trav\u00e9s de un paquete especialmente manipulado que provoca un desbordamiento de b\u00fafer (heap)"
    }
  ],
  "id": "CVE-2012-4706",
  "lastModified": "2024-11-21T01:43:23.443",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-02-24T11:48:21.110",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}