VARIoT IoT vulnerabilities database
| VAR-201111-0129 | CVE-2011-3897 | Used in multiple products Webkit Service disruption in (DoS) Vulnerabilities |
CVSS V2: 6.8 CVSS V3: - Severity: MEDIUM |
Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing. plural Apple Product Webkit A similar vulnerability exists for. Detail is Apple See vendor information for.Denial of service by attacker (DoS) You may be put into a state or affected by other details. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists when the library attempts to replace a particular element due to an HTML5 ContentEditable command. Due to the library not accommodating for DOM mutation events that can be made to occur, an aggressor can modify the tree out from underneath the library, leading to a type change. This can be used to trigger a use-after-free condition at which point can lead to code execution under the context of the application. Google Chrome is prone to multiple vulnerabilities.
Versions prior to Chrome 15.0.874.120 are vulnerable. Google Chrome is a web browser developed by Google (Google).
These could be used in a malicious web site to direct the user to a
spoofed site that visually appears to be a legitimate domain. This
issue is addressed through an improved domain name validity check.
This issue does not affect OS X systems. Third-party websites could set cookies if the "Block Cookies"
preference in Safari was set to the default setting of "From third
parties and advertisers".
CVE-ID
CVE-2012-0640 : nshah
WebKit
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista,
XP SP2 or later
Impact: HTTP authentication credentials may be inadvertently
disclosed to another site
Description: If a site uses HTTP authentication and redirects to
another site, the authentication credentials may be sent to the other
site. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2012-03-07-2 iOS 5.1 Software Update
iOS 5.1 Software Update is now available and addresses the following:
CFNetwork
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to the
disclosure of sensitive information
Description: An issue existed in CFNetwork's handling of malformed
URLs. When accessing a maliciously crafted URL, CFNetwork could send
unexpected request headers.
CVE-ID
CVE-2012-0641 : Erling Ellingsen of Facebook
HFS
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Mounting a maliciously crafted disk image may lead to a
device shutdown or arbitrary code execution
Description: An integer underflow existed with the handling of HFS
catalog files.
CVE-ID
CVE-2012-0642 : pod2g
Kernel
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A malicious program could bypass sandbox restrictions
Description: A logic issue existed in the handling of debug system
calls. This may allow a malicious program to gain code execution in
other programs with the same user privileges.
CVE-ID
CVE-2012-0643 : 2012 iOS Jailbreak Dream Team
libresolv
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Applications that use the libresolv library may be
vulnerable to an unexpected application termination or arbitrary code
execution
Description: An integer overflow existed in the handling of DNS
resource records, which may lead to heap memory corruption.
CVE-ID
CVE-2011-3453 : Ilja van Sprundel of IOActive
Passcode Lock
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A person with physical access to the device may be able to
bypass the screen lock
Description: A race condition issue existed in the handling of slide
to dial gestures. This may allow a person with physical access to the
device to bypass the Passcode Lock screen.
CVE-ID
CVE-2012-0644 : Roland Kohler of the German Federal Ministry of
Economics and Technology
Safari
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Web page visits may be recorded in browser history even when
Private Browsing is active
Description: Safari's Private Browsing is designed to prevent
recording of a browsing session. Pages visited as a result of a site
using the JavaScript methods pushState or replaceState were recorded
in the browser history even when Private Browsing mode was active.
This issue is addressed by not recording such visits when Private
Browsing is active.
CVE-ID
CVE-2012-0585 : Eric Melville of American Express
Siri
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: An attacker with physical access to a locked phone could get
access to frontmost email message
Description: A design issue existed in Siri's lock screen
restrictions. If Siri was enabled for use on the lock screen, and
Mail was open with a message selected behind the lock screen, a voice
command could be used to send that message to an arbitrary recipient.
This issue is addressed by disabling forwarding of active messages
from the lock screen.
CVE-ID
CVE-2012-0645
VPN
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: A maliciously crafted system configuration file may lead to
arbitrary code execution with system privileges
Description: A format string vulnerability existed in the handling
of racoon configuration files.
CVE-ID
CVE-2012-0646 : pod2g
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to the
disclosure of cookies
Description: A cross-origin issue existed in WebKit, which may allow
cookies to be disclosed across origins.
CVE-ID
CVE-2011-3887 : Sergey Glazunov
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website and dragging content
with the mouse may lead to a cross-site scripting attack
Description: A cross-origin issue existed in WebKit, which may allow
content to be dragged and dropped across origins.
CVE-ID
CVE-2012-0590 : Adam Barth of Google Chrome Security Team
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to a cross-
site scripting attack
Description: Multiple cross-origin issues existed in WebKit.
CVE-ID
CVE-2011-3881 : Sergey Glazunov
CVE-2012-0586 : Sergey Glazunov
CVE-2012-0587 : Sergey Glazunov
CVE-2012-0588 : Jochen Eisinger of Google Chrome Team
CVE-2012-0589 : Alan Austin of polyvore.com
WebKit
Available for: iPhone 3GS, iPhone 4, iPhone 4S,
iPod touch (3rd generation) and later, iPad, iPad 2
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit.
CVE-ID
CVE-2011-2825 : wushi of team509 working with TippingPoint's Zero Day
Initiative
CVE-2011-2833 : Apple
CVE-2011-2846 : Arthur Gerkis, miaubiz
CVE-2011-2847 : miaubiz, Abhishek Arya (Inferno) of Google Chrome
Security Team using AddressSanitizer
CVE-2011-2854 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2855 : Arthur Gerkis, wushi of team509 working with iDefense
VCP
CVE-2011-2857 : miaubiz
CVE-2011-2860 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2867 : Dirk Schulze
CVE-2011-2868 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2869 : Cris Neckar of Google Chrome Security Team using
AddressSanitizer
CVE-2011-2870 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2871 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2872 : Abhishek Arya (Inferno) and Cris Neckar of Google
Chrome Security Team using AddressSanitizer
CVE-2011-2873 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2011-2877 : miaubiz
CVE-2011-3885 : miaubiz
CVE-2011-3888 : miaubiz
CVE-2011-3897 : pa_kt working with TippingPoint's Zero Day Initiative
CVE-2011-3908 : Aki Helin of OUSPG
CVE-2011-3909 : Google Chrome Security Team (scarybeasts) and Chu
CVE-2011-3928 : wushi of team509 working with TippingPoint's Zero Day
Initiative
CVE-2012-0591 : miaubiz, and Martin Barbella
CVE-2012-0592 : Alexander Gavrun working with TippingPoint's Zero Day
Initiative
CVE-2012-0593 : Lei Zhang of the Chromium development community
CVE-2012-0594 : Adam Klein of the Chromium development community
CVE-2012-0595 : Apple
CVE-2012-0596 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0597 : miaubiz
CVE-2012-0598 : Sergey Glazunov
CVE-2012-0599 : Dmytro Gorbunov of SaveSources.com
CVE-2012-0600 : Marshall Greenblatt, Dharani Govindan of Google
Chrome, miaubiz, Aki Helin of OUSPG, Apple
CVE-2012-0601 : Apple
CVE-2012-0602 : Apple
CVE-2012-0603 : Apple
CVE-2012-0604 : Apple
CVE-2012-0605 : Apple
CVE-2012-0606 : Apple
CVE-2012-0607 : Apple
CVE-2012-0608 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0609 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0610 : miaubiz, Martin Barbella using AddressSanitizer
CVE-2012-0611 : Martin Barbella using AddressSanitizer
CVE-2012-0612 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0613 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0614 : miaubiz, Martin Barbella using AddressSanitizer
CVE-2012-0615 : Martin Barbella using AddressSanitizer
CVE-2012-0616 : miaubiz
CVE-2012-0617 : Martin Barbella using AddressSanitizer
CVE-2012-0618 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0619 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0620 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0621 : Martin Barbella using AddressSanitizer
CVE-2012-0622 : Dave Levin and Abhishek Arya of the Google Chrome
Security Team
CVE-2012-0623 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0624 : Martin Barbella using AddressSanitizer
CVE-2012-0625 : Martin Barbella
CVE-2012-0626 : Abhishek Arya (Inferno) of Google Chrome Security
Team using AddressSanitizer
CVE-2012-0627 : Apple
CVE-2012-0628 : Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of
Google Chrome Security Team using AddressSanitizer
CVE-2012-0629 : Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2012-0630 : Sergio Villar Senin of Igalia
CVE-2012-0631 : Abhishek Arya (Inferno) of Google Chrome Security
Team
CVE-2012-0632 : Cris Neckar of the Google Chrome Security Team using
AddressSanitizer
CVE-2012-0633 : Apple
CVE-2012-0635 : Julien Chaffraix of the Chromium development
community, Martin Barbella using AddressSanitizer
Installation note:
This update is only available through iTunes, and will not appear
in your computer's Software Update application, or in the Apple
Downloads site. Make sure you have an Internet connection and have
installed the latest version of iTunes from www.apple.com/itunes/
iTunes will automatically check Apple's update server on its weekly
schedule. When an update is detected, it will download it. When
the iPhone, iPod touch or iPad is docked, iTunes will present the
user with the option to install the update. We recommend applying
the update immediately if possible. Selecting Don't Install will
present the option the next time you connect your iPhone, iPod touch,
or iPad.
The automatic update process may take up to a week depending on the
day that iTunes checks for updates. You may manually obtain the
update via the Check for Updates button within iTunes. After doing
this, the update can be applied when your iPhone, iPod touch, or iPad
is docked to your computer.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update will be "5.1".
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJPV6M3AAoJEGnF2JsdZQeef/cIAKBSn0czLzJO9fu6ZyjLRvxq
4pIZgfyEVGBzpn+9IeiGFTkkVf+bOsA+Q3RlcsG5g0RlbyFgnuWu59HHsnkrElbM
bCfnnTF5eYZX/3fnLzxpX7BUsEona3nf1gHfR24OeEn36C8rZ6rZJfMLqCJNNZGY
RDSga1oeMN/AbgZuR9sYKudkE0GOmkLZfR2G4WXmrU+JncR6XoROUwoJBPhg8z90
HAxgDEbduuLLOSe7CHLS3apbh0L2tmxPCWpiBmEMg6PTlFF0HhJQJ0wusrUc8nX6
7TDsAho73wCOpChzBGQeemc6+UEN2uDmUgwVkN6n4D/qN1u6E+d3coUXOlb8hIY=
=qPeE
-----END PGP SIGNATURE-----
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
ZDI-12-147 : WebKit ContentEditable swapInNode Use-After-Free Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-12-147
August 22, 2012
- -- CVE ID:
CVE-2011-3897
- -- CVSS:
7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
- -- Affected Vendors:
WebKit.Org
- -- Affected Products:
WebKit.Org WebKit
- -- TippingPoint(TM) IPS Customer Protection:
TippingPoint IPS customers have been protected against this
vulnerability by Digital Vaccine protection filter ID 12492.
- -- Vendor Response:
WebKit.Org has issued an update to correct this vulnerability. More details
can be found at:
https://bugs.webkit.org/show_bug.cgi?id=71145
- -- Disclosure Timeline:
2011-10-28 - Vulnerability reported to vendor
2012-08-22 - Coordinated public release of advisory
- -- Credit:
This vulnerability was discovered by:
* pa_kt / twitter.com/pa_kt
- -- About the Zero Day Initiative (ZDI):
Established by TippingPoint, The Zero Day Initiative (ZDI) represents
a best-of-breed model for rewarding security researchers for responsibly
disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research
through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is
used. TippingPoint does not re-sell the vulnerability details or any
exploit code. Instead, upon notifying the affected product vendor,
TippingPoint provides its customers with zero day protection through
its intrusion prevention technology. Explicit details regarding the
specifics of the vulnerability are not exposed to any parties until
an official vendor patch is publicly available. Furthermore, with the
altruistic aim of helping to secure a broader user base, TippingPoint
provides this vulnerability information confidentially to security
vendors (including competitors) who have a vulnerability protection or
mitigation product. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201111-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Chromium, V8: Multiple vulnerabilities
Date: November 19, 2011
Bugs: #390113, #390779
ID: 201111-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been reported in Chromium and V8, some of
which may allow execution of arbitrary code.
Background
==========
Chromium is an open-source web browser project. V8 is Google's open
source JavaScript engine.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 15.0.874.121 >= 15.0.874.121
2 dev-lang/v8 < 3.5.10.24 >= 3.5.10.24
-------------------------------------------------------------------
2 affected packages
-------------------------------------------------------------------
Description
===========
Multiple vulnerabilities have been discovered in Chromium and V8.
Please review the CVE identifiers and release notes referenced below
for details.
Impact
======
A context-dependent attacker could entice a user to open a specially
crafted web site or JavaScript program using Chromium or V8, possibly
resulting in the execution of arbitrary code with the privileges of the
process, or a Denial of Service condition. The attacker also could
cause a Java applet to run without user confirmation.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Chromium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-client/chromium-15.0.874.121"
All V8 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/v8-3.5.10.24"
References
==========
[ 1 ] CVE-2011-3892
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3892
[ 2 ] CVE-2011-3893
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3893
[ 3 ] CVE-2011-3894
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3894
[ 4 ] CVE-2011-3895
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3895
[ 5 ] CVE-2011-3896
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3896
[ 6 ] CVE-2011-3897
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3897
[ 7 ] CVE-2011-3898
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3898
[ 8 ] CVE-2011-3900
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3900
[ 9 ] Release Notes 15.0.874.120
http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html
[ 10 ] Release Notes 15.0.874.121
http://googlechromereleases.blogspot.com/2011/11/stable-channel-update_16.html
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201111-05.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2011 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
| VAR-201202-0220 | CVE-2012-0240 | Advantech/BroadWin WebAccess of GbScriptAddUp.asp Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
GbScriptAddUp.asp in Advantech/BroadWin WebAccess before 7.0 does not properly perform authentication, which allows remote attackers to execute arbitrary code via unspecified vectors. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0223 | CVE-2012-0243 | Advantech/BroadWin WebAccess of ActiveX Control buffer overflow vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Buffer overflow in an ActiveX control in bwocxrun.ocx in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code by leveraging the ability to write arbitrary content to any pathname. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0219 | CVE-2012-0239 | Advantech/BroadWin WebAccess of uaddUpAdmin.asp Vulnerabilities in changing administrator passwords |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
uaddUpAdmin.asp in Advantech/BroadWin WebAccess before 7.0 does not properly perform authentication, which allows remote attackers to modify an administrative password via a password-change request. Advantech/BroadWin WebAccess of uaddUpAdmin.asp Contains a vulnerability where the administrator password can be changed due to improper authentication.A third party may change the administrator password via a password change request. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0038 | CVE-2011-4524 | Advantech/BroadWin WebAccess Vulnerable to buffer overflow |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Buffer overflow in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via a long string value in unspecified parameters. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0215 | CVE-2012-0235 | Advantech/BroadWin WebAccess Vulnerable to cross-site request forgery |
CVSS V2: 6.0 CVSS V3: - Severity: MEDIUM |
Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. Advantech/BroadWin WebAccess Contains a cross-site request forgery vulnerability.Authentication may be hijacked by a third party. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0218 | CVE-2012-0238 | Advantech/BroadWin WebAccess of opcImg.asp Vulnerable to stack-based buffer overflow |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Stack-based buffer overflow in opcImg.asp in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via unspecified vectors. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0224 | CVE-2012-0244 | Advantech/BroadWin WebAccess In SQL Injection vulnerability |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
Multiple SQL injection vulnerabilities in Advantech/BroadWin WebAccess before 7.0 allow remote attackers to execute arbitrary SQL commands via crafted string input. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0213 | CVE-2012-0233 | Advantech/BroadWin WebAccess Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to inject arbitrary web script or HTML via a malformed URL. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0214 | CVE-2012-0234 | Advantech/BroadWin WebAccess In SQL Injection vulnerability |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary SQL commands via a malformed URL. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0036 | CVE-2011-4522 | Advantech/BroadWin WebAccess of bwview.asp Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in bwerrdn.asp in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess bwerrdn.asp lacks filtering on parameters leading to cross-site scripting attacks. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0039 | CVE-2011-4525 | Advantech/BroadWin WebAccess Vulnerable to arbitrary code execution |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Advantech/BroadWin WebAccess before 7.0 allows remote attackers to trigger the extraction of arbitrary web content into a batch file on a client system, and execute this batch file, via unspecified vectors. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. A security vulnerability exists in Advantech WebAccess. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0217 | CVE-2012-0237 | Advantech/BroadWin WebAccess Vulnerabilities that change the date and time synchronization settings |
CVSS V2: 6.4 CVSS V3: - Severity: MEDIUM |
Advantech/BroadWin WebAccess before 7.0 allows remote attackers to (1) enable date and time syncing or (2) disable date and time syncing via a crafted URL. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0037 | CVE-2011-4523 | Advantech/BroadWin WebAccess of bwview.asp Vulnerable to cross-site scripting |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in bwview.asp in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess bwview.asp lacks filtering on parameters leading to cross-site scripting attacks. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0216 | CVE-2012-0236 | Advantech/BroadWin WebAccess Vulnerability in which important information is obtained |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Advantech/BroadWin WebAccess 7.0 and earlier allows remote attackers to obtain sensitive information via a direct request to a URL. NOTE: the vendor reportedly "does not consider it to be a security risk.". Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess submits a specially crafted URL that does not authenticate users with access to restricted information. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. Vulnerabilities exist in Advantech/BroadWin WebAccess 7.0 and earlier versions. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0222 | CVE-2012-0242 | Advantech/BroadWin WebAccess Format string vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via format string specifiers in a message string. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0221 | CVE-2012-0241 | Advantech/BroadWin WebAccess Service disruption in ( Memory corruption ) Vulnerabilities |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Advantech/BroadWin WebAccess before 7.0 allows remote attackers to cause a denial of service (memory corruption) via a modified stream identifier to a function. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0040 | CVE-2011-4526 | Advantech/BroadWin WebAccess of ActiveX Control buffer overflow vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
Buffer overflow in an ActiveX control in Advantech/BroadWin WebAccess before 7.0 might allow remote attackers to execute arbitrary code via a long string value in unspecified parameters. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201202-0035 | CVE-2011-4521 | Advantech/BroadWin WebAccess In SQL Injection vulnerability |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary SQL commands via crafted string input. Advantech Advantech specializes in network computer and network automation, providing more than 450 products including industrial data acquisition, automation software, computer platforms, Advantech industrial computers, computer motherboards and accessories. Advantech/BroadWin SCADA WebAccess is a fully browser-based Human Machine Interface (HMI) and Monitoring and Data Acquisition (SCADA) software. Advantech WebAccess is prone to multiple remote vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, execute arbitrary code gain access to sensitive information, cause a denial-of-service condition. Other attacks are possible. ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach?
Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM:
http://secunia.com/products/corporate/vim/ovum_2011_request/
----------------------------------------------------------------------
TITLE:
Advantech OPC Server ADAM ActiveX Control Buffer Overflow
Vulnerability
SECUNIA ADVISORY ID:
SA46775
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46775/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
RELEASE DATE:
2011-11-07
DISCUSS ADVISORY:
http://secunia.com/advisories/46775/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46775/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46775
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
A vulnerability has been reported in Advantech OPC Server, which can
be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the ADAM ActiveX
control and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following components:
* Advantech ADAM OPC Server versions prior to V3.01.012.
* Advantech Modbus RTU OPC Server versions prior to V3.01.010.
* Advantech Modbus TCP OPC Server versions prior to V3.01.010.
SOLUTION:
Reportedly a patch has been released. Contact the vendor for further
information.
PROVIDED AND/OR DISCOVERED BY:
ICS-CERT credits Security Research and Service Institute Information
and Communication Security Technology Center (ICST).
ORIGINAL ADVISORY:
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-01.pdf
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
| VAR-201111-0262 | CVE-2011-2458 | Adobe Flash Player and Adobe AIR Vulnerable to bypass cross-domain policy |
CVSS V2: 9.3 CVSS V3: - Severity: HIGH |
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, when Internet Explorer is used, allows remote attackers to bypass the cross-domain policy via a crafted web site.
An attacker can exploit this issue to bypass certain same-origin policy restrictions, which may aid in further attacks. The product enables viewing of applications, content and video across screens and browsers.
For more information:
SA46818
2) A double free error exists in the Theora decoder.
3) Some errors in the MKV and Vorbis media handlers can be exploited
to perform an out of bounds read.
7) A use-after-free error exists within certain editing
functionality.
8) The application fails to ask for permission when running some JRE7
applets.
SOLUTION:
Update to version 15.0.874.120.
PROVIDED AND/OR DISCOVERED BY:
8) Chris Evans, Google Chrome Security Team.
The vendor also credits:
2, 3, 5) Aki Helin, OUSPG.
4) Andrew Scherkus, Chromium development community.
6) Ken \x93strcpy\x94 Russell, Chromium development community.
7) pa_kt via ZDI. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201204-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Adobe Flash Player: Multiple vulnerabilities
Date: April 17, 2012
Bugs: #390149, #404101, #407023, #410005
ID: 201204-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities in Adobe Flash Player, the worst of which
might allow remote attackers to execute arbitrary code.
Background
==========
The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.
Please review the CVE identifiers referenced below for details.
Impact
======
A remote attacker could entice a user to open a specially crafted SWF
file, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.228"
References
==========
[ 1 ] CVE-2011-2445
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2445
[ 2 ] CVE-2011-2450
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2450
[ 3 ] CVE-2011-2451
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2451
[ 4 ] CVE-2011-2452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2452
[ 5 ] CVE-2011-2453
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2453
[ 6 ] CVE-2011-2454
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2454
[ 7 ] CVE-2011-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2455
[ 8 ] CVE-2011-2456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2456
[ 9 ] CVE-2011-2457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2457
[ 10 ] CVE-2011-2458
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2458
[ 11 ] CVE-2011-2459
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2459
[ 12 ] CVE-2011-2460
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2460
[ 13 ] CVE-2012-0752
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0752
[ 14 ] CVE-2012-0753
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0753
[ 15 ] CVE-2012-0754
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0754
[ 16 ] CVE-2012-0755
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0755
[ 17 ] CVE-2012-0756
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0756
[ 18 ] CVE-2012-0767
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0767
[ 19 ] CVE-2012-0768
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0768
[ 20 ] CVE-2012-0769
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0769
[ 21 ] CVE-2012-0773
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0773
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201204-07.xml
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. ----------------------------------------------------------------------
SC World Congress, New York, USA, 16 November 2011
Visit the Secunia booth (#203) and discover how you can improve your handling of third party programs:
http://secunia.com/resources/events/sc_2011/
----------------------------------------------------------------------
TITLE:
Adobe Flash Player Multiple Vulnerabilities
SECUNIA ADVISORY ID:
SA46818
VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/46818/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=46818
RELEASE DATE:
2011-11-11
DISCUSS ADVISORY:
http://secunia.com/advisories/46818/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA:
* Last Update
* Popularity
* Comments
* Criticality Level
* Impact
* Where
* Solution Status
* Operating System / Software
* CVE Reference(s)
http://secunia.com/advisories/46818/
ONLY AVAILABLE IN CUSTOMER AREA:
* Authentication Level
* Report Reliability
* Secunia PoC
* Secunia Analysis
* Systems Affected
* Approve Distribution
* Remediation Status
* Secunia CVSS Score
* CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46818
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:
* AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/
http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION:
Multiple vulnerabilities have been reported in Adobe Flash Player,
which can be exploited by malicious people to bypass certain security
restrictions and compromise a user's system.
1) An unspecified error can be exploited to corrupt memory.
2) An unspecified error can be exploited to cause a heap-based buffer
overflow.
3) An unspecified error can be exploited to corrupt memory.
4) An unspecified error can be exploited to corrupt memory.
5) An unspecified error can be exploited to corrupt memory.
6) An unspecified error can be exploited to corrupt memory.
7) An unspecified error can be exploited to corrupt memory.
8) An unspecified error can be exploited to cause a buffer overflow.
9) An unspecified error can be exploited to cause a stack-based
buffer overflow.
10) An unspecified error can be exploited to bypass the cross-domain
policy.
Note: This vulnerability affects users running Internet Explorer
only.
11) An unspecified error can be exploited to corrupt memory.
12) An unspecified error can be exploited to corrupt memory.
Successful exploitation of vulnerabilities #1 through #9, #11, and
#12 may allow execution of arbitrary code.
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) Ivan Golenkov and Alexander Gostev, Kaspersky Lab
2-6, 9, 12) Tavis Ormandy, Google Security Team
7) Bo Qu, Palo Alto Networks
8) Ben Hawkes, Google Security Team
10) lakehu, Tencent Security Center
11) anonymous via iDefense Labs
ORIGINAL ADVISORY:
http://www.adobe.com/support/security/bulletins/apsb11-28.html
OTHER REFERENCES:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
DEEP LINKS:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
EXPLOIT:
Further details available in Customer Area:
http://secunia.com/vulnerability_intelligence/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
----------------------------------------------------------------------
. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester!
Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. This fixes multiple
vulnerabilities, which can be exploited by malicious people to
conduct cross-site scripting attacks, gain knowledge of potentially
sensitive information, bypass certain security restrictions, and
compromise a user's system