Vulnerability Name: | CVE-2012-1801 (CCN-74617) | ||||||||
Assigned: | 2012-03-23 | ||||||||
Published: | 2012-03-23 | ||||||||
Updated: | 2017-12-20 | ||||||||
Summary: | Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, WebWare SDK, Interlink Module, S4 OPC Server, QuickTeach, RobotStudio S4, and RobotStudio Lite allow remote attackers to execute arbitrary code via crafted input data. | ||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
CVSS v2 Severity: | 7.7 High (CVSS v2 Vector: AV:A/AC:L/Au:S/C:C/I:C/A:C) 6.7 Medium (Temporal CVSS v2 Vector: AV:A/AC:L/Au:S/C:C/I:C/A:C/E:H/RL:OF/RC:C)
5.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-119 | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2012-1801 Source: CCN Type: SA48693 ABB Multiple Products ActiveX Control Buffer Overflow Vulnerability Source: SECUNIA Type: UNKNOWN 48693 Source: CCN Type: ABB Web Site The ABB Group - Automation and Power Technologies Source: CCN Type: OSVDB ID: 80895 ABB Multiple Product Multiple Unspecified COM / ActiveX Component Overflow Source: BID Type: UNKNOWN 52888 Source: CCN Type: BID-52888 Multiple ABB Products ActiveX Control Buffer Overflow Vulnerability Source: CCN Type: ICSA-12-095-01 ABB MULTIPLE COMPONENTS BUFFER OVERFLOW Source: MISC Type: US Government Resource http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01A.pdf Source: CCN Type: ABB-VU-DMRO-41532 Advisory for WebWare Components and Related Products Source: CONFIRM Type: Vendor Advisory http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/$file/SI10231A2%20rev%200.pdf Source: XF Type: UNKNOWN abb-activex-bo(74617) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |