289 matches found
CVE-2011-2089
Stack-based buffer overflow in the SetActiveXGUID method in the VersionInfo ActiveX control in GenVersion.dll 8.0.138.0 in the WebHMI subsystem in ICONICS BizViz 9.x before 9.22 and GENESIS32 9.x before 9.22 allows remote attackers to execute arbitrary code via a long string in the argument. NOTE...
Stack overflow
Stack-based buffer overflow in the SetActiveXGUID method in the VersionInfo ActiveX control in GenVersion.dll 8.0.138.0 in the WebHMI subsystem in ICONICS BizViz 9.x before 9.22 and GENESIS32 9.x before 9.22 allows remote attackers to execute arbitrary code via a long string in the argument. NOTE...
CVE-2011-2089
Summary of CVE-2011-2089 (ICONICS WebHMI / BizViz / GENESIS32) : A stack-based buffer overflow in the GenVersion.dll VersionInfo ActiveX control (SetActiveXGUID) allows remote code execution via a long string argument. Affected: ICONICS BizViz 9.x (before 9.22) and GENESIS32 9.x (before 9.22) wit...
Serious SCADA Security Flaw Affects Critical Infrastructure Firms
The U.S.’s Computer Emergency Response Team CERT issued a warning to critical infrastructure firms on Wednesday about a serious security hole in products from Massachusetts firm Iconics that could leave critical systems vulnerable to remote attacks. U.S. companies in the electricity, oil and gas,...
ICONICS WebHMI ActiveX Buffer Overflow
$Id: iconicswebhmisetactivexguid.rb 12584 2011-05-11 20:45:54Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
ICONICS WebHMI ActiveX Buffer Overflow
This module exploits a vulnerability found in ICONICS WebHMI's ActiveX control. By supplying a long string of data to the 'SetActiveXGUID' parameter, GenVersion.dll fails to do any proper bounds checking before this input is copied onto the stack, which causes a buffer overflow, and results...
ICONICS WebHMI ActiveX Buffer Overflow
Exploit for windows platform in category remote exploits $Id: iconicswebhmisetactivexguid.rb 12576 2011-05-10 19:16:07Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more...
ICONICS WebHMI - ActiveX Buffer Overflow (Metasploit)
$Id: iconicswebhmisetactivexguid.rb 12584 2011-05-11 20:45:54Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
ICONICS WebHMI ActiveX buffer overflow
Stack buffer overflow in SetActiveXGUID method...
Security-Assessment.com Advisory: ICONICS WebHMI ActiveX Stack Overflow
, , . .' '. ', . , '. , ., , / / / ==/ / / / / / / | Y Y / /| / /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. ICONICS WebHMI ActiveX Stack Overflow Vendor Link: http://www.iconics.com/ PDF: http://www.security-assessment.com/files/documents/advisory/ICONICSWebHMI.pdf +-----------+...
ICONICS WebHMI Active-X Stack Overflow
, , . .' '. ', . , '. , ., , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. ICONICS WebHMI ActiveX Stack Overflow Vendor Link: http://www.iconics.com/ PDF:...
ICONICS WebHMI ActiveX Stack Overflow
Exploit for windows platform in category remote exploits , , . .' '. ', . , '. , ., , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. ICONICS WebHMI ActiveX Stack Overflow Vendor Link: http://www.iconics.com/ PDF:...
ICONICS WebHMI - ActiveX Stack Overflow
ICONICS WebHMI - ActiveX Stack Overflow , , . .' '. ', . , '. , ., , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. ICONICS WebHMI ActiveX Stack Overflow Vendor Link: http://www.iconics.com/ PDF:...
ICONICS WebHMI - ActiveX Stack Overflow
, , . .' '. ', . , '. , ., , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. ICONICS WebHMI ActiveX Stack Overflow Vendor Link: http://www.iconics.com/ PDF:...
Vulnerabilities in some SCADA server softwares
The following are almost all the vulnerabilities I found for a quick experiment some months ago in certain well known server-side SCADA softwares still vulnerable in this moment. In case someone doesn't know SCADA like me before the tests: it's just one or more softwares usually a core, a graphic...
Dozens of SCADA Exploits, Proof-of-concept Code Published
Exploits for scores of vulnerabilities in supervisory control and data acquisition software SCADA were made public on Monday, according to a report by The Register. 34 holes were published on Seclists.org’s Bugtraq mailing list for programs by Siemens, Iconics, 7-Technologies, Datac and Control...
iconics genesis32 and genesis64 - Multiple Vulnerabilities
Sources: http://aluigi.org/adv/genesis1-adv.txt http://aluigi.org/adv/genesis2-adv.txt http://aluigi.org/adv/genesis3-adv.txt http://aluigi.org/adv/genesis4-adv.txt http://aluigi.org/adv/genesis5-adv.txt http://aluigi.org/adv/genesis6-adv.txt http://aluigi.org/adv/genesis7-adv.txt...
ICONICS GENESIS32 and BizViz ActiveX Stack Overflow
Overview Security researchers Scott Bell and Blair Strang of Security-Assessment.com have released a report detailing a stack overflow vulnerability affecting ICONICS GENESIS32 and BizViz products. The vulnerable ActiveX control, GenVersion.dll, is a component of WebHMI, which is incorporated in...
ICONICS Vessel Gauge Switch 8.02.140 - ActiveX Buffer Overflow (Metasploit)
ICONICS Vessel Gauge Switch 8.02.140 - ActiveX Buffer Overflow Metasploit $Id: iconicsdlgwrapper.rb 1 2008-09-21 22:43:00Z kf $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more...
ICONICS Vessel / Gauge / Switch 8.02.140 ActiveX BOF Exploit (meta)
No description provided by source. $Id: iconicsdlgwrapper.rb 1 2008-09-21 22:43:00Z kf $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...