CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-3007

Stack-based buffer overflow in slssvc.exe before 58.x in Invensys Wonderware SuiteLink in the Invensys System Platform software suite, as used in InTouch/Wonderware Application Server IT before 10.5 and WAS before 3.5, DASABCIP before 4.1 SP2, DASSiDirect before 3.0, DAServer Runtime Components before 3.0 SP2, and other products, allows remote attackers to cause a denial of service (daemon crash or hang) via a long Unicode string.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.3%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2012-3007

Invensys » Dasabcip » Version: 4.1

cpe:2.3:a:invensys:dasabcip:4.1
Invensys » Daserver Runtime Components » Version: 3.0

cpe:2.3:a:invensys:daserver_runtime_components:3.0
Invensys » Dassidirect » Version: 2.0

cpe:2.3:a:invensys:dassidirect:2.0
Invensys » Intouch/wonderware Application Server » Version: 10.0

cpe:2.3:a:invensys:intouch/wonderware_application_server:10.0
Invensys » Wonderware Application Server » Version: 3.0

cpe:2.3:a:invensys:wonderware_application_server:3.0
Invensys » Wonderware Application Server » Version: 3.0.200

cpe:2.3:a:invensys:wonderware_application_server:3.0.200
Invensys » Wonderware Application Server » Version: 3.1

cpe:2.3:a:invensys:wonderware_application_server:3.1
Invensys » Wonderware Application Server » Version: 3.1.201

cpe:2.3:a:invensys:wonderware_application_server:3.1.201

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-3007

Products

Pricing

Contact Us