Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0254

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-0254
Last Modified 10 Sep 2012 12:00:00
Published 08 Sep 2012 06:28:19
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-0254

Summary

Stack-based buffer overflow in the HMIWeb Browser HSCDSPRenderDLL ActiveX control in Honeywell Process Solutions (HPS) Experion R2xx, R30x, R31x, and R400.x; Honeywell Building Solutions (HBS) Enterprise Building Manager R400 and R410.1; and Honeywell Environmental Combustion and Controls (ECC) SymmetrE R410.1 allows remote attackers to execute arbitrary code via unspecified vectors.

Vulnerable Systems

Application

  • Honeywellprocess Enterprise Building Manager R400

  • Honeywellprocess Enterprise Building Manager R410.1

  • Honeywellprocess Experion R200

  • Honeywellprocess Experion R300

  • Honeywellprocess Experion R310

  • Honeywellprocess Experion R400.0

  • Honeywellprocess Symmetre R410.1


References

MISC - https://www.honeywellprocess.com/en-US/support/pages/all-notifications.aspx

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-12-150-01.pdf


Last Updated: 27 May 2016 11:00:31