Lucene search

[email protected]CVE-2010-4740

HistoryFeb 16, 2011 - 3:00 a.m.

CVE-2010-4740

2011-02-1603:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-4740

stack-based buffer overflow

wtclient.dll

scada engine

bacnet opc client

nvd

security vulnerability

remote attack

arbitrary code execution

8.2 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.634 Medium

EPSS

Percentile

97.8%

JSON

Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC Client before 1.0.25 allows user-assisted remote attackers to execute arbitrary code via a crafted .csv file, related to a status log message.

CPENameOperatorVersion
scadaengine:bacnet_opc_clientscadaengine bacnet opc clientle1.0.24

CPE	Name	Operator	Version
scadaengine:bacnet_opc_client	scadaengine bacnet opc client	le	1.0.24

References

packetstormsecurity.org/1009-exploits/bacnet-overflow.py.txt

secunia.com/advisories/41466

securityreason.com/securityalert/8083

www.kb.cert.org/vuls/id/660688

www.securityfocus.com/bid/43289

www.us-cert.gov/control_systems/pdf/ICSA-10-264-01.pdf

8.2 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.634 Medium

EPSS

Percentile

97.8%

JSON

Related for CVE-2010-4740

checkpoint_advisories1 prion1 cvelist1 ics1