Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0229

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2012-0229
Last Modified 16 Mar 2012 12:00:00
Published 15 Mar 2012 02:55:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-0229

Summary

The Data Archiver service in GE Intelligent Platforms Proficy Historian 4.5 and earlier allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted session on TCP port 14000 to (1) ihDataArchiver.exe or (2) ihDataArchiver_x64.exe.

Vulnerable Systems

Application

  • Intelligent Platforms Proficy Historian 1.0

  • Intelligent Platforms Proficy Historian 2.0

  • Intelligent Platforms Proficy Historian 3.0

  • Intelligent Platforms Proficy Historian 3.1

  • Intelligent Platforms Proficy Historian 3.5

  • Intelligent Platforms Proficy Historian 4.0

  • Intelligent Platforms Proficy Historian 4.5


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-12-032-01.pdf

MISC - http://support.ge-ip.com/support/index?page=kbchannel&id=S:KB14767


Last Updated: 27 May 2016 10:57:28