Lucene search

[email protected]CVE-2012-0243

HistoryFeb 21, 2012 - 1:31 p.m.

CVE-2012-0243

2012-02-2113:31:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2012-0243

buffer overflow

activex control

advantech

broadwin webaccess

remote code execution

nvd

8.1 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.045 Low

EPSS

Percentile

92.4%

JSON

Buffer overflow in an ActiveX control in bwocxrun.ocx in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code by leveraging the ability to write arbitrary content to any pathname.

CPENameOperatorVersion
advantech:advantech_webaccessadvantech advantech webaccessle6.0
advantech:advantech_webaccessadvantech advantech webaccesseq5.0

CPE	Name	Operator	Version
advantech:advantech_webaccess	advantech advantech webaccess	le	6.0
advantech:advantech_webaccess	advantech advantech webaccess	eq	5.0

References

www.securityfocus.com/bid/52051

www.us-cert.gov/control_systems/pdf/ICSA-12-047-01.pdf

8.1 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.045 Low

EPSS

Percentile

92.4%

JSON

Related for CVE-2012-0243

prion1 cvelist1 ics1 nessus2