Details of VAR-201708-1121

ID

VAR-201708-1121

CVE

CVE-2017-12707

TITLE

SpiderControl SCADA MicroBrowser Stack Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: a6e1ec6c-668f-47ff-8a3f-bf8aed7e701c // CNVD: CNVD-2017-22814

DESCRIPTION

A Stack-based Buffer Overflow issue was discovered in SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and prior. Opening a maliciously crafted html file may cause a stack overflow. SpiderControl SCADA MicroBrowser Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SpiderControl SCADA MicroBrowser. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within processing of the StaticHTMLTagsFileName tag. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process. SCADA MicroBrowser is a software management platform. Failed exploit attempts will likely result in denial-of-service conditions. SCADA MicroBrowser 1.6.30.144 and prior are vulnerable

Trust: 3.24

sources: NVD: CVE-2017-12707 // JVNDB: JVNDB-2017-007390 // ZDI: ZDI-17-694 // CNVD: CNVD-2017-22814 // BID: 100453 // IVD: a6e1ec6c-668f-47ff-8a3f-bf8aed7e701c

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: a6e1ec6c-668f-47ff-8a3f-bf8aed7e701c // CNVD: CNVD-2017-22814

AFFECTED PRODUCTS

vendor:	spidercontrol	model:	scada microbrowser	scope:	lte	version:	1.6.30.144	Trust: 1.0
vendor:	spidercontrol	model:	scada microbrowser	scope:	eq	version:	1.6.30.144	Trust: 0.9
vendor:	ininet	model:	spidercontrol scada microbrowser	scope:	lte	version:	1.6.30.144	Trust: 0.8
vendor:	spidercontrol	model:	scada microbrowser	scope:	-	version:	-	Trust: 0.7
vendor:	spidercontrol	model:	scada microbrowser	scope:	lte	version:	<=1.6.30.144	Trust: 0.6
vendor:	spidercontrol	model:	scada microbrowser	scope:	eq	version:	1.6.30.142	Trust: 0.3
vendor:	spidercontrol	model:	scada microbrowser	scope:	ne	version:	1.6.40.148	Trust: 0.3
vendor:	scada microbrowser	model:	-	scope:	eq	version:	*	Trust: 0.2

sources: IVD: a6e1ec6c-668f-47ff-8a3f-bf8aed7e701c // ZDI: ZDI-17-694 // CNVD: CNVD-2017-22814 // BID: 100453 // JVNDB: JVNDB-2017-007390 // CNNVD: CNNVD-201708-1071 // NVD: CVE-2017-12707

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-12707
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-12707
value:	CRITICAL
Trust: 0.8
ZDI:	CVE-2017-12707
value:	MEDIUM
Trust: 0.7
CNVD:	CNVD-2017-22814
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201708-1071
value:	CRITICAL
Trust: 0.6
IVD:	a6e1ec6c-668f-47ff-8a3f-bf8aed7e701c
value:	CRITICAL
Trust: 0.2

nvd@nist.gov:	CVE-2017-12707
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
ZDI:	CVE-2017-12707
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7
CNVD:	CNVD-2017-22814
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	a6e1ec6c-668f-47ff-8a3f-bf8aed7e701c
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

nvd@nist.gov:	CVE-2017-12707
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: a6e1ec6c-668f-47ff-8a3f-bf8aed7e701c // ZDI: ZDI-17-694 // CNVD: CNVD-2017-22814 // JVNDB: JVNDB-2017-007390 // CNNVD: CNNVD-201708-1071 // NVD: CVE-2017-12707

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.8
problemtype:	CWE-121	Trust: 1.0

sources: JVNDB: JVNDB-2017-007390 // NVD: CVE-2017-12707

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201708-1071

TYPE

Buffer error

Trust: 0.8

sources: IVD: a6e1ec6c-668f-47ff-8a3f-bf8aed7e701c // CNNVD: CNNVD-201708-1071

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-007390

PATCH

title:	SpiderControl MicroBrowser	url:	http://www.ininet.ch/public/MicroBrowser/XP/index.html	Trust: 0.8
title:	SpiderControl has issued an update to correct this vulnerability.	url:	https://ics-cert.us-cert.gov/advisories/ICSA-17-234-02	Trust: 0.7
title:	SpiderControl SCADA MicroBrowser Stack Buffer Overflow Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/100832	Trust: 0.6
title:	iniNet Solutions SpiderControl SCADA MicroBrowser Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74280	Trust: 0.6

sources: ZDI: ZDI-17-694 // CNVD: CNVD-2017-22814 // JVNDB: JVNDB-2017-007390 // CNNVD: CNNVD-201708-1071

EXTERNAL IDS

db:	NVD	id:	CVE-2017-12707	Trust: 4.2
db:	ICS CERT	id:	ICSA-17-234-02	Trust: 3.3
db:	BID	id:	100453	Trust: 1.9
db:	CNVD	id:	CNVD-2017-22814	Trust: 0.8
db:	CNNVD	id:	CNNVD-201708-1071	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-007390	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-4194	Trust: 0.7
db:	ZDI	id:	ZDI-17-694	Trust: 0.7
db:	IVD	id:	A6E1EC6C-668F-47FF-8A3F-BF8AED7E701C	Trust: 0.2

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-17-234-02	Trust: 4.0
url:	http://www.securityfocus.com/bid/100453	Trust: 1.6
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12707	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-12707	Trust: 0.8
url:	http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12707	Trust: 0.6
url:	http://spidercontrol.net/	Trust: 0.3
url:	http://www.ininet.ch/public/microbrowser/xp/releasenote.txt	Trust: 0.3

sources: ZDI: ZDI-17-694 // CNVD: CNVD-2017-22814 // BID: 100453 // JVNDB: JVNDB-2017-007390 // CNNVD: CNNVD-201708-1071 // NVD: CVE-2017-12707

CREDITS

juushya

Trust: 0.7

sources: ZDI: ZDI-17-694

SOURCES

db:	IVD	id:	a6e1ec6c-668f-47ff-8a3f-bf8aed7e701c
db:	ZDI	id:	ZDI-17-694
db:	CNVD	id:	CNVD-2017-22814
db:	BID	id:	100453
db:	JVNDB	id:	JVNDB-2017-007390
db:	CNNVD	id:	CNNVD-201708-1071
db:	NVD	id:	CVE-2017-12707

LAST UPDATE DATE

2025-04-20T23:30:53.725000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-17-694	date:	2017-08-23T00:00:00
db:	CNVD	id:	CNVD-2017-22814	date:	2017-08-25T00:00:00
db:	BID	id:	100453	date:	2017-08-22T00:00:00
db:	JVNDB	id:	JVNDB-2017-007390	date:	2017-09-20T00:00:00
db:	CNNVD	id:	CNNVD-201708-1071	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2017-12707	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	IVD	id:	a6e1ec6c-668f-47ff-8a3f-bf8aed7e701c	date:	2017-08-25T00:00:00
db:	ZDI	id:	ZDI-17-694	date:	2017-08-23T00:00:00
db:	CNVD	id:	CNVD-2017-22814	date:	2017-08-25T00:00:00
db:	BID	id:	100453	date:	2017-08-22T00:00:00
db:	JVNDB	id:	JVNDB-2017-007390	date:	2017-09-20T00:00:00
db:	CNNVD	id:	CNNVD-201708-1071	date:	2017-08-24T00:00:00
db:	NVD	id:	CVE-2017-12707	date:	2017-08-25T19:29:00.237