NETXEIB OPC Server句柄验证远程代码执行漏洞

OPC服务器是工业制造领域中自动化和控制系统所广泛使用的数据访问控制工具。 NETxAUTOMATION所提供的OPC服务器（NETXEIB OPC Server）在实现以下OPC数据访问接口方式时存在多个安全漏洞： IOPCSyncIO::Read IOPCSyncIO::Write IOPCServer::AddGroup IOPCServer::RemoveGroup IOPCCommon::SetClientName IOPCGroupStateMgt::CloneGroup 如果提供了特制的OPC句柄的话攻击者就可以强制服务器读写访问任意内存，导致在OPC服务器上执行任意指令。...

CVE-2007-1313

NETxAutomation NETxEIB OPC Server before 3.0.1300 does not properly validate OLE for Process Control OPC server handles, which allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors involving the 1 IOPCSyncIO::Read, 2 IOPCSyncIO::Write, 3...

Code injection

NETxAutomation NETxEIB OPC Server before 3.0.1300 does not properly validate OLE for Process Control OPC server handles, which allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors involving the 1 IOPCSyncIO::Read, 2 IOPCSyncIO::Write, 3...

CVE-2007-1313

NETxAutomation NETxEIB OPC Server before 3.0.1300 does not properly validate OLE for Process Control OPC server handles, which allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors involving the 1 IOPCSyncIO::Read, 2 IOPCSyncIO::Write, 3...

CVE-2007-1313

Affected product: NETxAutomation NETxEIB OPC Server (3.0) on Windows XP. Vulnerability: improper validation of OPC server handles allows a remote attacker to access arbitrary server memory via (1) IOPCSyncIO::Read, (2) IOPCSyncIO::Write, (3) IOPCServer::AddGroup, (4) IOPCServer::RemoveGroup, (5) ...

NETxAutomation NETxEIB OPC Server fails to properly validate OPC server handles

Overview The NETxAutomation NETxEIB OPC Server contains a vulnerability that may allow a remote attacker to execute arbitary code or cause a denial-of-service. Description OLE for Process Control OPC is a specification for a standard set of OLE COM objects for use in the process control and...