Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0245

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2012-0245
Last Modified 29 Oct 2012 11:59:53
Published 09 Mar 2012 06:55:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-0245

Summary

Multiple stack-based buffer overflows in RobNetScanHost.exe in ABB Robot Communications Runtime before 5.14.02, as used in ABB Interlink Module, IRC5 OPC Server, PC SDK, PickMaster 3 and 5, RobView 5, RobotStudio, WebWare SDK, and WebWare Server, allow remote attackers to execute arbitrary code via a crafted (1) 0xA or (2) 0xE Netscan packet.

Vulnerable Systems

Application

  • Abb Interlink Module -

  • Abb Irc5 Opc Server -

  • Abb Pc Sdk -

  • Abb Pickmaster 3 -

  • Abb Pickmaster 5 -

  • Abb Robot Communications Runtime 5.14.01

  • Abb Robotstudio -

  • Abb Robview 5 -

  • Abb Webware Sdk -

  • Abb Webware Server -


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-12-059-01.pdf

CONFIRM - http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/f261be074480dc24c12579a00049ecd5/$file/si10227a1%20vulnerability%20security%20advisory.pdf

MISC - http://www.zerodayinitiative.com/advisories/ZDI-12-033/

SECUNIA - 48090

BID - 52123

BUGTRAQ - 20120222 ZDI-12-033 : ABB WebWare RobNetScanHost.exe Remote Code Execution Vulnerability


Last Updated: 27 May 2016 10:58:21