Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4706

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2012-4706
Last Modified 20 May 2013 11:20:36
Published 24 Feb 2013 06:48:21
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4706

Summary

Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow.

Vulnerable Systems

Application

  • 3s-software Codesys Gateway-server 2.3.5.1

  • 3s-software Codesys Gateway-server 2.3.5.2

  • 3s-software Codesys Gateway-server 2.3.5.3

  • 3s-software Codesys Gateway-server 2.3.6.0

  • 3s-software Codesys Gateway-server 2.3.7.0

  • 3s-software Codesys Gateway-server 2.3.8.0

  • 3s-software Codesys Gateway-server 2.3.8.1

  • 3s-software Codesys Gateway-server 2.3.8.2

  • 3s-software Codesys Gateway-server 2.3.9

  • 3s-software Codesys Gateway-server 2.3.9.1

  • 3s-software Codesys Gateway-server 2.3.9.18

  • 3s-software Codesys Gateway-server 2.3.9.19

  • 3s-software Codesys Gateway-server 2.3.9.2

  • 3s-software Codesys Gateway-server 2.3.9.20

  • 3s-software Codesys Gateway-server 2.3.9.3

  • 3s-software Codesys Gateway-server 2.3.9.4

  • 3s-software Codesys Gateway-server 2.3.9.5


References

MISC - http://ics-cert.us-cert.gov/pdf/ICSA-13-050-01-a.pdf

MISC - http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A


Last Updated: 27 May 2016 11:01:56