Lucene search

CertccCVE-2012-1818

HistoryJun 08, 2012 - 6:55 p.m.

CVE-2012-1818

2012-06-0818:55:01

CWE-264

certcc

web.nvd.nist.gov

cve-2012-1818

emerson deltav

deltav workstations

activex control

remote code execution

file overwrite

nvd

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

AI Score

Confidence

Low

EPSS

0.005

Percentile

76.4%

JSON

An unspecified ActiveX control in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to overwrite arbitrary files via unknown vectors.

Affected configurations

Nvd

Node

emersondeltavMatch9.3.1

emersondeltavMatch10.3.1

emersondeltavMatch11.3

emersondeltavMatch11.3.1

emersondeltav_proessentials_scientific_graphMatch5.0.0.6

emersondeltav_workstationMatch9.3.1

emersondeltav_workstationMatch10.3.1

emersondeltav_workstationMatch11.3

emersondeltav_workstationMatch11.3.1

VendorProductVersionCPE
emersondeltav9.3.1cpe:2.3:a:emerson:deltav:9.3.1:*:*:*:*:*:*:*
emersondeltav10.3.1cpe:2.3:a:emerson:deltav:10.3.1:*:*:*:*:*:*:*
emersondeltav11.3cpe:2.3:a:emerson:deltav:11.3:*:*:*:*:*:*:*
emersondeltav11.3.1cpe:2.3:a:emerson:deltav:11.3.1:*:*:*:*:*:*:*
emersondeltav_proessentials_scientific_graph5.0.0.6cpe:2.3:a:emerson:deltav_proessentials_scientific_graph:5.0.0.6:*:*:*:*:*:*:*
emersondeltav_workstation9.3.1cpe:2.3:a:emerson:deltav_workstation:9.3.1:*:*:*:*:*:*:*
emersondeltav_workstation10.3.1cpe:2.3:a:emerson:deltav_workstation:10.3.1:*:*:*:*:*:*:*
emersondeltav_workstation11.3cpe:2.3:a:emerson:deltav_workstation:11.3:*:*:*:*:*:*:*
emersondeltav_workstation11.3.1cpe:2.3:a:emerson:deltav_workstation:11.3.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
emerson	deltav	9.3.1	cpe:2.3:a:emerson:deltav:9.3.1:::::::*
emerson	deltav	10.3.1	cpe:2.3:a:emerson:deltav:10.3.1:::::::*
emerson	deltav	11.3	cpe:2.3:a:emerson:deltav:11.3:::::::*
emerson	deltav	11.3.1	cpe:2.3:a:emerson:deltav:11.3.1:::::::*
emerson	deltav_proessentials_scientific_graph	5.0.0.6	cpe:2.3:a:emerson:deltav_proessentials_scientific_graph:5.0.0.6:::::::*
emerson	deltav_workstation	9.3.1	cpe:2.3:a:emerson:deltav_workstation:9.3.1:::::::*
emerson	deltav_workstation	10.3.1	cpe:2.3:a:emerson:deltav_workstation:10.3.1:::::::*
emerson	deltav_workstation	11.3	cpe:2.3:a:emerson:deltav_workstation:11.3:::::::*
emerson	deltav_workstation	11.3.1	cpe:2.3:a:emerson:deltav_workstation:11.3.1:::::::*

References

osvdb.org/82014

secunia.com/advisories/49210

www.securityfocus.com/bid/53591

www.us-cert.gov/control_systems/pdf/ICSA-12-138-01.pdf

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

AI Score

Confidence

Low

EPSS

0.005

Percentile

76.4%

JSON

Related for CVE-2012-1818