Lucene search

[email protected]CVE-2010-4597

HistoryDec 23, 2010 - 6:00 p.m.

CVE-2010-4597

2010-12-2318:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-4597

stack-based buffer overflow

integraxor.project

activex control

igcomm.dll

ecava integraxor human-machine interface (hmi)

remote code execution

8.3 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.267 Low

EPSS

Percentile

96.7%

JSON

Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX control in igcomm.dll in Ecava IntegraXor Human-Machine Interface (HMI) before 3.5.3900.10 allows remote attackers to execute arbitrary code via a long string in the second argument.

CPENameOperatorVersion
ecava:integraxorecava integraxorle3.5.3900.5

CPE	Name	Operator	Version
ecava:integraxor	ecava integraxor	le	3.5.3900.5

References

secunia.com/advisories/42650

www.exploit-db.com/exploits/15767

www.integraxor.com/blog/integraxor-3-5-scada-security-issue-20101006-0109-vulnerability-note

www.kb.cert.org/vuls/id/603928

www.securityfocus.com/bid/45487

www.us-cert.gov/control_systems/pdf/ICSA-10-322-01.pdf

www.vupen.com/english/advisories/2010/3275

8.3 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.267 Low

EPSS

Percentile

96.7%

JSON

Related for CVE-2010-4597

prion1 cvelist1 checkpoint_advisories1