CVE-2012-4704

CVE-2012-4704 affects the 3S CODESYS Gateway-Server (prior to ver. 2.3.9.27). The vulnerability is described as a memory access error (array/index handling) in the Gateway-Server that can allow a remote attacker to execute arbitrary code via a crafted packet. ICS-CERT/3S advisories confirm remote...

CVE-2012-4705

Affected software: 3S CODESYS Gateway-Server (GATEWAY-SERVER). Vulnerability: Directory traversal that can lead to remote code execution via crafted pathnames; impact per ICS-CERT includes remote execution potential. Root cause / vector: Improper handling of directory traversal in the Gateway-Ser...

CVE-2012-4707

The CVE-2012-4707 issue affects the 3S CODESYS Gateway-Server up to version 2.3.9.27. It is described as an "Improper Restriction of Operations Within the Bounds of a Memory Buffer" vulnerability, where an out-of-bounds memory access could allow remote attackers to execute arbitrary code. Public ...

CVE-2012-4708

The CVE-2012-4708 issue affects 3S CODESYS Gateway-Server (pre-2.3.9.27). The vulnerability is a stack-based buffer overflow triggered by a crafted packet sent to the Gateway Server (port 1211), allowing remote code execution and potentially full control of the affected system. Public details ind...

CVE-2012-4706

CVE-2012-4706 affects the 3S CODESYS Gateway-Server prior to version 2.3.9.27. The vulnerability is a heap-based buffer overflow caused by a signedness/error in processing a crafted TCP packet (port 1211), enabling remote denial of service. Documents indicate this is part of a set of vulnerabilit...

CVE-2013-2781

CVE-2013-2781 is a use-after-free vulnerability in the 3S CODESYS Gateway server (version 2.3.9.27). It allows remote attackers to cause a DoS (daemon crash) and potentially execute arbitrary code via unspecified vectors. Public details come from multiple sources (NVD/Red Hat/Nessus/ICS-CERT). Mi...