Lucene search

[email protected]CVE-2012-3008

HistoryJul 20, 2012 - 10:40 a.m.

CVE-2012-3008

2012-07-2010:40:37

CWE-119

[email protected]

web.nvd.nist.gov

osisoft

opc da

buffer overflow

cve-2012-3008

nvd

8 High

AI Score

Confidence

High

8.5 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.074 Low

EPSS

Percentile

94.1%

JSON

Stack-based buffer overflow in OSIsoft PI OPC DA Interface before 2.3.20.9 allows remote authenticated users to execute arbitrary code by sending packet data during the processing of messages associated with OPC items.

Affected configurations

NVD

Node

osisoftpi_opc_da_interfaceRange≤2.3.17.18

osisoftpi_opc_da_interfaceMatch2.3.16.16

CPENameOperatorVersion
osisoft:pi_opc_da_interfaceosisoft pi opc da interfacele2.3.17.18
osisoft:pi_opc_da_interfaceosisoft pi opc da interfaceeq2.3.16.16

CPE	Name	Operator	Version
osisoft:pi_opc_da_interface	osisoft pi opc da interface	le	2.3.17.18
osisoft:pi_opc_da_interface	osisoft pi opc da interface	eq	2.3.16.16

References

osvdb.org/84091

secunia.com/advisories/49986

www.securityfocus.com/bid/54609

www.us-cert.gov/control_systems/pdf/ICSA-12-201-01.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/77131

8 High

AI Score

Confidence

High

8.5 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.074 Low

EPSS

Percentile

94.1%

JSON

Related for CVE-2012-3008

cvelist1 prion1 ics1 nvd1