Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4705

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2012-4705
Last Modified 20 May 2013 11:20:36
Published 24 Feb 2013 06:48:21
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4705

Summary

Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname.

Vulnerable Systems

Application

  • 3s-software Codesys Gateway-server 2.3.5.1

  • 3s-software Codesys Gateway-server 2.3.5.2

  • 3s-software Codesys Gateway-server 2.3.5.3

  • 3s-software Codesys Gateway-server 2.3.6.0

  • 3s-software Codesys Gateway-server 2.3.7.0

  • 3s-software Codesys Gateway-server 2.3.8.0

  • 3s-software Codesys Gateway-server 2.3.8.1

  • 3s-software Codesys Gateway-server 2.3.8.2

  • 3s-software Codesys Gateway-server 2.3.9

  • 3s-software Codesys Gateway-server 2.3.9.1

  • 3s-software Codesys Gateway-server 2.3.9.18

  • 3s-software Codesys Gateway-server 2.3.9.19

  • 3s-software Codesys Gateway-server 2.3.9.2

  • 3s-software Codesys Gateway-server 2.3.9.20

  • 3s-software Codesys Gateway-server 2.3.9.3

  • 3s-software Codesys Gateway-server 2.3.9.4

  • 3s-software Codesys Gateway-server 2.3.9.5


References

MISC - http://ics-cert.us-cert.gov/pdf/ICSA-13-050-01-a.pdf

MISC - http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A


Last Updated: 27 May 2016 11:01:56