var-201207-0056
Vulnerability from variot
Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method. GE Intelligent Platforms is a software and hardware product, service and expertise for users in the field of automation control and embedded. GE Proficy's multiple product KeyHelp.ocx controls fail to properly handle user-committed input, allowing attackers to perform stack-based buffer overflow attacks that can execute arbitrary code in the context of the application. KeyWorks KeyHelp Module is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Successful exploits will compromise the application and the computer. Failed attacks will cause denial-of-service conditions. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: KeyWorks KeyHelp ActiveX Control Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA36905
VERIFY ADVISORY: http://secunia.com/advisories/36905/
DESCRIPTION: pyrokinesis has discovered a vulnerability in the KeyWorks KeyHelp ActiveX control, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error in the KeyHelp.KeyCtrl.1 ActiveX control (KeyHelp.ocx). This can be exploited to cause a stack-based buffer overflow via an overly long argument passed to the "JumpMappedID()" or "JumpURL()" method.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in KeyHelp.ocx version 1.2.3120.0. Other versions may also be affected.
SOLUTION: Set the kill-bit for the affected ActiveX control.
PROVIDED AND/OR DISCOVERED BY: Nine:Situations:Group::pyrokinesis
ORIGINAL ADVISORY: http://retrogod.altervista.org/9sg_emc_keyhelp.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: GE Intelligent Platforms Multiple Products KeyHelp ActiveX Control Two Vulnerabilities
SECUNIA ADVISORY ID: SA49728
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49728/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49728
RELEASE DATE: 2012-06-29
DISCUSS ADVISORY: http://secunia.com/advisories/49728/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/49728/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=49728
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Two vulnerabilities have been reported in multiple GE Intelligent Platforms products, which can be exploited by malicious people to compromise a user's system.
The vulnerabilities are reported in the following products: * Proficy Historian versions 4.5, 4.0, 3.5, and 3.1 * Proficy HMI/SCADA \x96 iFIX versions 5.1 and 5.0 * Proficy Pulse version 1.0 * Proficy Batch Execution version 5.6 * SI7 I/O Driver versions 7.20 through 7.42
SOLUTION: Apply patch (please see the vendor's advisory for more information).
PROVIDED AND/OR DISCOVERED BY: 2) The vendor credits Andrea Micalizzi aka rgod via ZDI
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201207-0056",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "intelligent platforms si7 i\\/o driver",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": "7.42"
},
{
"model": "intelligent platforms proficy historian",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": "4.0"
},
{
"model": "intelligent platforms si7 i\\/o driver",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": "7.20"
},
{
"model": "intelligent platforms proficy historian",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": "3.5"
},
{
"model": "intelligent platforms proficy hmi\\/scada ifix",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": "5.1"
},
{
"model": "intelligent platforms proficy historian",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": "3.1"
},
{
"model": "intelligent platforms proficy hmi\\/scada ifix",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": "5.0"
},
{
"model": "intelligent platforms proficy pulse",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": "1.0"
},
{
"model": "intelligent platforms proficy historian",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": "4.5"
},
{
"model": "intelligent platforms proficy batch execution",
"scope": "eq",
"trust": 1.6,
"vendor": "ge",
"version": "5.6"
},
{
"model": "proficy historian",
"scope": "eq",
"trust": 1.4,
"vendor": "general electric",
"version": "4.5"
},
{
"model": "proficy historian",
"scope": "eq",
"trust": 1.4,
"vendor": "general electric",
"version": "3.1"
},
{
"model": "proficy historian",
"scope": "eq",
"trust": 1.4,
"vendor": "general electric",
"version": "3.5"
},
{
"model": "proficy historian",
"scope": "eq",
"trust": 1.4,
"vendor": "general electric",
"version": "4.0"
},
{
"model": "documentum applicationxtender desktop",
"scope": "eq",
"trust": 1.3,
"vendor": "emc",
"version": "5.4"
},
{
"model": "captiva quickscan pro",
"scope": "eq",
"trust": 1.0,
"vendor": "emc",
"version": "4.6"
},
{
"model": "captiva quickscan pro",
"scope": "eq",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "4.6 sp1"
},
{
"model": "documentum applicationxtender desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "5.4"
},
{
"model": "proficy batch execution",
"scope": "eq",
"trust": 0.8,
"vendor": "general electric",
"version": "5.6"
},
{
"model": "proficy hmi/scada - ifix",
"scope": "eq",
"trust": 0.8,
"vendor": "general electric",
"version": "5.0"
},
{
"model": "proficy hmi/scada - ifix",
"scope": "eq",
"trust": 0.8,
"vendor": "general electric",
"version": "5.1"
},
{
"model": "proficy pulse",
"scope": "eq",
"trust": 0.8,
"vendor": "general electric",
"version": "1.0"
},
{
"model": "si7 i/o driver",
"scope": "eq",
"trust": 0.8,
"vendor": "general electric",
"version": "7.20 to 7.42"
},
{
"model": "proficy hmi/scada-ifix",
"scope": "eq",
"trust": 0.6,
"vendor": "general electric",
"version": "5.0"
},
{
"model": "proficy hmi/scada-ifix",
"scope": "eq",
"trust": 0.6,
"vendor": "general electric",
"version": "5.1"
},
{
"model": "electric proficy hmi/scada-ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "general",
"version": "5.1"
},
{
"model": "electric proficy hmi/scada-ifix",
"scope": "eq",
"trust": 0.3,
"vendor": "general",
"version": "5.0"
},
{
"model": "electric proficy historian",
"scope": "eq",
"trust": 0.3,
"vendor": "general",
"version": "4.5"
},
{
"model": "electric proficy historian",
"scope": "eq",
"trust": 0.3,
"vendor": "general",
"version": "4.0"
},
{
"model": "electric proficy historian",
"scope": "eq",
"trust": 0.3,
"vendor": "general",
"version": "3.5"
},
{
"model": "electric proficy historian",
"scope": "eq",
"trust": 0.3,
"vendor": "general",
"version": "3.1"
},
{
"model": "keyhelp module",
"scope": "eq",
"trust": 0.3,
"vendor": "keyworks",
"version": "1.2.312"
},
{
"model": "captiva quickscan pro sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "emc",
"version": "4.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "captiva quickscan pro",
"version": "4.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "documentum applicationxtender desktop",
"version": "5.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms proficy batch execution",
"version": "5.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms proficy historian",
"version": "3.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms proficy historian",
"version": "3.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms proficy historian",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms proficy historian",
"version": "4.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms proficy hmi scada ifix",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms proficy hmi scada ifix",
"version": "5.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms proficy pulse",
"version": "1.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms si7 i o driver",
"version": "7.20"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "intelligent platforms si7 i o driver",
"version": "7.42"
}
],
"sources": [
{
"db": "IVD",
"id": "b1754968-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3421"
},
{
"db": "BID",
"id": "54215"
},
{
"db": "BID",
"id": "36546"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003013"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-522"
},
{
"db": "NVD",
"id": "CVE-2012-2515"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:emc:captiva_quickscan_pro",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:emc:documentum_applicationxtender_desktop",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ge:intelligent_platforms_proficy_batch_execution",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ge:intelligent_platforms_proficy_historian",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ge:intelligent_platforms_proficy_hmi%2Fscada_ifix",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ge:intelligent_platforms_proficy_pulse",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:ge:intelligent_platforms_si7_i%2Fo_driver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003013"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andrea Micalizzi",
"sources": [
{
"db": "BID",
"id": "54215"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-522"
}
],
"trust": 0.9
},
"cve": "CVE-2012-2515",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2012-2515",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "b1754968-2353-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-2515",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-2515",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201206-522",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "b1754968-2353-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "b1754968-2353-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003013"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-522"
},
{
"db": "NVD",
"id": "CVE-2012-2515"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple stack-based buffer overflows in the KeyHelp.KeyCtrl.1 ActiveX control in KeyHelp.ocx 1.2.312 in KeyWorks KeyHelp Module (aka the HTML Help component), as used in EMC Documentum ApplicationXtender Desktop 5.4; EMC Captiva Quickscan Pro 4.6 SP1; GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; GE Intelligent Platforms Proficy HMI/SCADA iFIX 5.0 and 5.1; GE Intelligent Platforms Proficy Pulse 1.0; GE Intelligent Platforms Proficy Batch Execution 5.6; GE Intelligent Platforms SI7 I/O Driver 7.20 through 7.42; and other products, allow remote attackers to execute arbitrary code via a long string in the second argument to the (1) JumpMappedID or (2) JumpURL method. GE Intelligent Platforms is a software and hardware product, service and expertise for users in the field of automation control and embedded. GE Proficy\u0027s multiple product KeyHelp.ocx controls fail to properly handle user-committed input, allowing attackers to perform stack-based buffer overflow attacks that can execute arbitrary code in the context of the application. KeyWorks KeyHelp Module is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Successful exploits will compromise the application and the computer. Failed attacks will cause denial-of-service conditions. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nKeyWorks KeyHelp ActiveX Control Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA36905\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36905/\n\nDESCRIPTION:\npyrokinesis has discovered a vulnerability in the KeyWorks KeyHelp\nActiveX control, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\nThe vulnerability is caused due to a boundary error in the\nKeyHelp.KeyCtrl.1 ActiveX control (KeyHelp.ocx). This can be\nexploited to cause a stack-based buffer overflow via an overly long\nargument passed to the \"JumpMappedID()\" or \"JumpURL()\" method. \n\nSuccessful exploitation allows execution of arbitrary code. \n\nThe vulnerability is confirmed in KeyHelp.ocx version 1.2.3120.0. \nOther versions may also be affected. \n\nSOLUTION:\nSet the kill-bit for the affected ActiveX control. \n\nPROVIDED AND/OR DISCOVERED BY:\nNine:Situations:Group::pyrokinesis\n\nORIGINAL ADVISORY:\nhttp://retrogod.altervista.org/9sg_emc_keyhelp.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nGE Intelligent Platforms Multiple Products KeyHelp ActiveX Control\nTwo Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49728\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49728/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49728\n\nRELEASE DATE:\n2012-06-29\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49728/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49728/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49728\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in multiple GE Intelligent\nPlatforms products, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\nThe vulnerabilities are reported in the following products:\n* Proficy Historian versions 4.5, 4.0, 3.5, and 3.1\n* Proficy HMI/SCADA \\x96 iFIX versions 5.1 and 5.0\n* Proficy Pulse version 1.0\n* Proficy Batch Execution version 5.6\n* SI7 I/O Driver versions 7.20 through 7.42\n\nSOLUTION:\nApply patch (please see the vendor\u0027s advisory for more information). \n\nPROVIDED AND/OR DISCOVERED BY:\n2) The vendor credits Andrea Micalizzi aka rgod via ZDI",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2515"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003013"
},
{
"db": "CNVD",
"id": "CNVD-2012-3421"
},
{
"db": "BID",
"id": "54215"
},
{
"db": "BID",
"id": "36546"
},
{
"db": "IVD",
"id": "b1754968-2353-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "81748"
},
{
"db": "PACKETSTORM",
"id": "81740"
},
{
"db": "PACKETSTORM",
"id": "114351"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2515",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-12-131-02",
"trust": 3.0
},
{
"db": "BID",
"id": "36546",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "36905",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "36914",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-2793",
"trust": 1.0
},
{
"db": "VUPEN",
"id": "ADV-2009-2795",
"trust": 1.0
},
{
"db": "BID",
"id": "54215",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-3421",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201206-522",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003013",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "49728",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "19918",
"trust": 0.6
},
{
"db": "IVD",
"id": "B1754968-2353-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "81748",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "81740",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "114351",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "b1754968-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3421"
},
{
"db": "BID",
"id": "54215"
},
{
"db": "BID",
"id": "36546"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003013"
},
{
"db": "PACKETSTORM",
"id": "81748"
},
{
"db": "PACKETSTORM",
"id": "81740"
},
{
"db": "PACKETSTORM",
"id": "114351"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-522"
},
{
"db": "NVD",
"id": "CVE-2012-2515"
}
]
},
"id": "VAR-201207-0056",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "b1754968-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3421"
}
],
"trust": 1.369960328
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "b1754968-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3421"
}
]
},
"last_update_date": "2024-11-23T21:46:18.991000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Captiva",
"trust": 0.8,
"url": "http://japan.emc.com/enterprise-content-management/captiva/captiva.htm"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ge-ip.com/"
},
{
"title": "GEIP12-04",
"trust": 0.8,
"url": "http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/14000/KB14863/en_US/GEIP12-04%20Security%20Advisory%20-%20Proficy%20HTML%20Help.pdf"
},
{
"title": "partner",
"trust": 0.8,
"url": "http://www.ge-ip.co.jp/partner.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ge-ip.co.jp/"
},
{
"title": "Patch for GE Proficy Product Stack Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/18408"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3421"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003013"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003013"
},
{
"db": "NVD",
"id": "CVE-2012-2515"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-131-02.pdf"
},
{
"trust": 1.8,
"url": "http://retrogod.altervista.org/9sg_emc_keyhelp.html"
},
{
"trust": 1.7,
"url": "http://support.ge-ip.com/support/resources/sites/ge_fanuc_support/content/live/kb/14000/kb14863/en_us/geip12-04%20security%20advisory%20-%20proficy%20html%20help.pdf"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/36546"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/36914"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/36905"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2009/2795"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2009/2793"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2515"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2515"
},
{
"trust": 0.6,
"url": "http://www.www.us-cert.gov/control_systems/pdf/icsa-12-131-02.pdfhttp"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/49728"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/54215"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19918"
},
{
"trust": 0.3,
"url": "http://www.keyworks.net/keyhelp.htm"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.3,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.3,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/36905/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36914/"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49728/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49728/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://support.ge-ip.com/support/index?page=kbchannel\u0026id=s:kb14863"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49728"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-3421"
},
{
"db": "BID",
"id": "36546"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003013"
},
{
"db": "PACKETSTORM",
"id": "81748"
},
{
"db": "PACKETSTORM",
"id": "81740"
},
{
"db": "PACKETSTORM",
"id": "114351"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-522"
},
{
"db": "NVD",
"id": "CVE-2012-2515"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "b1754968-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3421"
},
{
"db": "BID",
"id": "54215"
},
{
"db": "BID",
"id": "36546"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003013"
},
{
"db": "PACKETSTORM",
"id": "81748"
},
{
"db": "PACKETSTORM",
"id": "81740"
},
{
"db": "PACKETSTORM",
"id": "114351"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-522"
},
{
"db": "NVD",
"id": "CVE-2012-2515"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-29T00:00:00",
"db": "IVD",
"id": "b1754968-2353-11e6-abef-000c29c66e3d"
},
{
"date": "2012-06-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3421"
},
{
"date": "2012-06-27T00:00:00",
"db": "BID",
"id": "54215"
},
{
"date": "2009-09-29T00:00:00",
"db": "BID",
"id": "36546"
},
{
"date": "2012-07-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003013"
},
{
"date": "2009-10-01T13:53:12",
"db": "PACKETSTORM",
"id": "81748"
},
{
"date": "2009-09-30T15:12:07",
"db": "PACKETSTORM",
"id": "81740"
},
{
"date": "2012-06-29T03:34:47",
"db": "PACKETSTORM",
"id": "114351"
},
{
"date": "2012-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-522"
},
{
"date": "2012-07-05T03:23:18.480000",
"db": "NVD",
"id": "CVE-2012-2515"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3421"
},
{
"date": "2015-03-19T09:26:00",
"db": "BID",
"id": "54215"
},
{
"date": "2015-04-13T20:02:00",
"db": "BID",
"id": "36546"
},
{
"date": "2012-07-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003013"
},
{
"date": "2012-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-522"
},
{
"date": "2024-11-21T01:39:10.217000",
"db": "NVD",
"id": "CVE-2012-2515"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "54215"
},
{
"db": "BID",
"id": "36546"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GE Proficy Product Stack Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "b1754968-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3421"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "b1754968-2353-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-522"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.