Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4707

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2012-4707
Last Modified 20 May 2013 11:20:37
Published 24 Feb 2013 06:48:21
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4707

Summary

3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors that trigger an out-of-bounds memory access.

Vulnerable Systems

Application

  • 3s-software Codesys Gateway-server 2.3.5.1

  • 3s-software Codesys Gateway-server 2.3.5.2

  • 3s-software Codesys Gateway-server 2.3.5.3

  • 3s-software Codesys Gateway-server 2.3.6.0

  • 3s-software Codesys Gateway-server 2.3.7.0

  • 3s-software Codesys Gateway-server 2.3.8.0

  • 3s-software Codesys Gateway-server 2.3.8.1

  • 3s-software Codesys Gateway-server 2.3.8.2

  • 3s-software Codesys Gateway-server 2.3.9

  • 3s-software Codesys Gateway-server 2.3.9.1

  • 3s-software Codesys Gateway-server 2.3.9.18

  • 3s-software Codesys Gateway-server 2.3.9.19

  • 3s-software Codesys Gateway-server 2.3.9.2

  • 3s-software Codesys Gateway-server 2.3.9.3

  • 3s-software Codesys Gateway-server 2.3.9.4

  • 3s-software Codesys Gateway-server 2.3.9.5


References

MISC - http://ics-cert.us-cert.gov/pdf/ICSA-13-050-01-a.pdf

MISC - http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A


Last Updated: 27 May 2016 11:01:56