CVE-2012-1801

Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, WebWare SDK, Interlink Module, S4 OPC Server, QuickTeach, RobotStudio S4, and RobotStudio Lite allow remote attackers to execute arbitrary code via crafted input data.

CVSS v2.0 7.7 HIGH

7.7^/10

CVSS v2.0 : HIGH

Vector : AV:A/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 5.1 / Impact : 10.0

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/48693
http://www.securityfocus.com/bid/52888
http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01A.pdf	US Government Resource
http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/%24file/SI10231A2%20rev%200.pdf

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:abb:interlink_module:-:::::::*
	cpe:2.3:a:abb:quickteach:-:::::::*
	cpe:2.3:a:abb:robotstudio_lite:-:::::::*
	cpe:2.3:a:abb:robotstudio_s4:-:::::::*
	cpe:2.3:a:abb:s4_opc_server:-:::::::*
	cpe:2.3:a:abb:webware_sdk:-:::::::*
	cpe:2.3:a:abb:webware_server:-:::::::*

History

07 Nov 2023, 02:10

Type	Values Removed	Values Added
References	{'url': 'http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/$file/SI10231A2%20rev%200.pdf', 'name': 'http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/$file/SI10231A2%20rev%200.pdf', 'tags': ['Vendor Advisory'], 'refsource': 'CONFIRM'}	() http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/%24file/SI10231A2%20rev%200.pdf -

Information

Published : 2012-04-18 10:33

Updated : 2023-12-10 11:16

NVD link : CVE-2012-1801

Mitre link : CVE-2012-1801

CVE.ORG link : CVE-2012-1801

JSON object : View

Products Affected

abb

robotstudio_s4
webware_server
quickteach
robotstudio_lite
webware_sdk
interlink_module
s4_opc_server

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2012-1801", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.7, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 5.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-04-18T10:33:35.417", "references": [{"url": "http://secunia.com/advisories/48693", "source": "cret@cert.org"}, {"url": "http://www.securityfocus.com/bid/52888", "source": "cret@cert.org"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01A.pdf", "tags": ["US Government Resource"], "source": "cret@cert.org"}, {"url": "http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/%24file/SI10231A2%20rev%200.pdf", "source": "cret@cert.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, WebWare SDK, Interlink Module, S4 OPC Server, QuickTeach, RobotStudio S4, and RobotStudio Lite allow remote attackers to execute arbitrary code via crafted input data."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer basados ??en la pila en controles (1) COM y (2) ActiveX en ABB WebWare Server SDK WebWare, M\u00f3dulo de Interlink, S4 Servidor OPC, QuickTeach, S4 RobotStudio y RobotStudio Lite permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de la entrada modificada."}], "lastModified": "2023-11-07T02:10:20.220", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:abb:interlink_module:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3613C59-4589-43B6-8B92-CD1D99CA5E08"}, {"criteria": "cpe:2.3:a:abb:quickteach:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "060957B9-B811-45D0-B6C6-AA3ABD8415E1"}, {"criteria": "cpe:2.3:a:abb:robotstudio_lite:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDB58170-F332-442A-8470-523DAEE3C544"}, {"criteria": "cpe:2.3:a:abb:robotstudio_s4:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA154046-8D05-4D9E-A1BF-65E36D9E92C8"}, {"criteria": "cpe:2.3:a:abb:s4_opc_server:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F891948-4044-4D71-97E0-AB6E76830020"}, {"criteria": "cpe:2.3:a:abb:webware_sdk:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C6E8AF2-2353-48A7-805A-A11D3D689F44"}, {"criteria": "cpe:2.3:a:abb:webware_server:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B02E9A10-D707-44BF-B37E-A457BDF3BB88"}], "operator": "OR"}]}], "sourceIdentifier": "cret@cert.org"}