Lucene search

[email protected]CVE-2012-3008

HistoryJul 20, 2012 - 10:40 a.m.

CVE-2012-3008

2012-07-2010:40:37

CWE-119

[email protected]

web.nvd.nist.gov

osisoft

opc da

buffer overflow

cve-2012-3008

nvd

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.074 Low

EPSS

Percentile

94.1%

JSON

Stack-based buffer overflow in OSIsoft PI OPC DA Interface before 2.3.20.9 allows remote authenticated users to execute arbitrary code by sending packet data during the processing of messages associated with OPC items.

Affected configurations

NVD

Node

osisoftpi_opc_da_interfaceRange≤2.3.17.18

osisoftpi_opc_da_interfaceMatch2.3.16.16

CPENameOperatorVersion
osisoft:pi_opc_da_interfaceosisoft pi opc da interfacele2.3.17.18
osisoft:pi_opc_da_interfaceosisoft pi opc da interfaceeq2.3.16.16

CPE	Name	Operator	Version
osisoft:pi_opc_da_interface	osisoft pi opc da interface	le	2.3.17.18
osisoft:pi_opc_da_interface	osisoft pi opc da interface	eq	2.3.16.16

References

osvdb.org/84091

secunia.com/advisories/49986

www.securityfocus.com/bid/54609

www.us-cert.gov/control_systems/pdf/ICSA-12-201-01.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/77131

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.074 Low

EPSS

Percentile

94.1%

JSON

Related for CVE-2012-3008

ics1 prion1 nvd1 cvelist1