CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-0257

Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Information Server 4.5 and earlier, ArchestrA Application Object Toolkit 3.2 and earlier, and InTouch 10.0 through 10.5 might allow remote attackers to execute arbitrary code via a long string to the Open member, leading to a function-pointer overwrite.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.031

EPSS Ranking 86.2%

CVSS Severity

CVSS v2 Score 6.8

References

Products affected by CVE-2012-0257

Invensys » Archestra Application Object Toolkit » Version: Any

cpe:2.3:a:invensys:archestra_application_object_toolkit:*
Invensys » Foxboro Control Software » Version: 3.1

cpe:2.3:a:invensys:foxboro_control_software:3.1
Invensys » Infusion Control Edition » Version: Any

cpe:2.3:a:invensys:infusion_control_edition:*
Invensys » Infusion Foundation Edition » Version: Any

cpe:2.3:a:invensys:infusion_foundation_edition:*
Invensys » Infusion Scada » Version: Any

cpe:2.3:a:invensys:infusion_scada:*
Invensys » Intouch » Version: 10.0

cpe:2.3:a:invensys:intouch:10.0
Invensys » Intouch » Version: 10.5

cpe:2.3:a:invensys:intouch:10.5
Invensys » Wonderware Application Server » Version: 2.0

cpe:2.3:a:invensys:wonderware_application_server:2.0
Invensys » Wonderware Application Server » Version: 2.0.001

cpe:2.3:a:invensys:wonderware_application_server:2.0.001
Invensys » Wonderware Application Server » Version: 2.1

cpe:2.3:a:invensys:wonderware_application_server:2.1
Invensys » Wonderware Application Server » Version: 2.1.002

cpe:2.3:a:invensys:wonderware_application_server:2.1.002
Invensys » Wonderware Application Server » Version: 2012

cpe:2.3:a:invensys:wonderware_application_server:2012
Invensys » Wonderware Application Server » Version: 3.0

cpe:2.3:a:invensys:wonderware_application_server:3.0
Invensys » Wonderware Application Server » Version: 3.0.200

cpe:2.3:a:invensys:wonderware_application_server:3.0.200
Invensys » Wonderware Application Server » Version: 3.1

cpe:2.3:a:invensys:wonderware_application_server:3.1
Invensys » Wonderware Application Server » Version: 3.1.201

cpe:2.3:a:invensys:wonderware_application_server:3.1.201
Invensys » Wonderware Application Server » Version: 3.5

cpe:2.3:a:invensys:wonderware_application_server:3.5
Invensys » Wonderware Information Server » Version: 3.1

cpe:2.3:a:invensys:wonderware_information_server:3.1
Invensys » Wonderware Information Server » Version: 4.0

cpe:2.3:a:invensys:wonderware_information_server:4.0
Invensys » Wonderware Information Server » Version: 4.5

cpe:2.3:a:invensys:wonderware_information_server:4.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-0257

Products

Pricing

Contact Us