Search
Find a vulnerability
Search criteria
2 vulnerabilities found for opc_server by gesytec_easylon
CVE-2007-4473 (GCVE-0-2007-4473)
Vulnerability from nvd – Published: 2007-12-17 21:00 – Updated: 2024-08-07 14:53
VLAI
EPSS
VEX
Summary
Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control (OPC) interface, probably related to free operations on arbitrary memory addresses through certain Remove functions, and read and write operations on arbitrary memory addresses through certain Set, Read, and Write functions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/28079 | third-party-advisoryx_refsource_SECUNIA |
| http://www.neutralbit.com/en/rd/opctest/ | x_refsource_MISC |
| http://osvdb.org/42650 | vdb-entryx_refsource_OSVDB |
| http://www.neutralbit.com/downloads/NB-NB-001-EXT… | x_refsource_MISC |
| http://www.securityfocus.com/bid/26876 | vdb-entryx_refsource_BID |
| http://www.kb.cert.org/vuls/id/205073 | third-party-advisoryx_refsource_CERT-VN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2007-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:53:55.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28079"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.neutralbit.com/en/rd/opctest/"
},
{
"name": "42650",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42650"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.neutralbit.com/downloads/NB-NB-001-EXT-OPC%20Security%20Testing.pdf"
},
{
"name": "26876",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26876"
},
{
"name": "VU#205073",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/205073"
},
{
"name": "easylon-server-code-execution(39062)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39062"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control (OPC) interface, probably related to free operations on arbitrary memory addresses through certain Remove functions, and read and write operations on arbitrary memory addresses through certain Set, Read, and Write functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "28079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28079"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.neutralbit.com/en/rd/opctest/"
},
{
"name": "42650",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42650"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.neutralbit.com/downloads/NB-NB-001-EXT-OPC%20Security%20Testing.pdf"
},
{
"name": "26876",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26876"
},
{
"name": "VU#205073",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/205073"
},
{
"name": "easylon-server-code-execution(39062)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39062"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-4473",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control (OPC) interface, probably related to free operations on arbitrary memory addresses through certain Remove functions, and read and write operations on arbitrary memory addresses through certain Set, Read, and Write functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28079",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28079"
},
{
"name": "http://www.neutralbit.com/en/rd/opctest/",
"refsource": "MISC",
"url": "http://www.neutralbit.com/en/rd/opctest/"
},
{
"name": "42650",
"refsource": "OSVDB",
"url": "http://osvdb.org/42650"
},
{
"name": "http://www.neutralbit.com/downloads/NB-NB-001-EXT-OPC%20Security%20Testing.pdf",
"refsource": "MISC",
"url": "http://www.neutralbit.com/downloads/NB-NB-001-EXT-OPC%20Security%20Testing.pdf"
},
{
"name": "26876",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26876"
},
{
"name": "VU#205073",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/205073"
},
{
"name": "easylon-server-code-execution(39062)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39062"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-4473",
"datePublished": "2007-12-17T21:00:00.000Z",
"dateReserved": "2007-08-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:53:55.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4473 (GCVE-0-2007-4473)
Vulnerability from cvelistv5 – Published: 2007-12-17 21:00 – Updated: 2024-08-07 14:53
VLAI
EPSS
VEX
Summary
Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control (OPC) interface, probably related to free operations on arbitrary memory addresses through certain Remove functions, and read and write operations on arbitrary memory addresses through certain Set, Read, and Write functions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/28079 | third-party-advisoryx_refsource_SECUNIA |
| http://www.neutralbit.com/en/rd/opctest/ | x_refsource_MISC |
| http://osvdb.org/42650 | vdb-entryx_refsource_OSVDB |
| http://www.neutralbit.com/downloads/NB-NB-001-EXT… | x_refsource_MISC |
| http://www.securityfocus.com/bid/26876 | vdb-entryx_refsource_BID |
| http://www.kb.cert.org/vuls/id/205073 | third-party-advisoryx_refsource_CERT-VN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2007-12-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:53:55.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28079"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.neutralbit.com/en/rd/opctest/"
},
{
"name": "42650",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42650"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.neutralbit.com/downloads/NB-NB-001-EXT-OPC%20Security%20Testing.pdf"
},
{
"name": "26876",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26876"
},
{
"name": "VU#205073",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/205073"
},
{
"name": "easylon-server-code-execution(39062)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39062"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control (OPC) interface, probably related to free operations on arbitrary memory addresses through certain Remove functions, and read and write operations on arbitrary memory addresses through certain Set, Read, and Write functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "28079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28079"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.neutralbit.com/en/rd/opctest/"
},
{
"name": "42650",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42650"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.neutralbit.com/downloads/NB-NB-001-EXT-OPC%20Security%20Testing.pdf"
},
{
"name": "26876",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26876"
},
{
"name": "VU#205073",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/205073"
},
{
"name": "easylon-server-code-execution(39062)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39062"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-4473",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control (OPC) interface, probably related to free operations on arbitrary memory addresses through certain Remove functions, and read and write operations on arbitrary memory addresses through certain Set, Read, and Write functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28079",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28079"
},
{
"name": "http://www.neutralbit.com/en/rd/opctest/",
"refsource": "MISC",
"url": "http://www.neutralbit.com/en/rd/opctest/"
},
{
"name": "42650",
"refsource": "OSVDB",
"url": "http://osvdb.org/42650"
},
{
"name": "http://www.neutralbit.com/downloads/NB-NB-001-EXT-OPC%20Security%20Testing.pdf",
"refsource": "MISC",
"url": "http://www.neutralbit.com/downloads/NB-NB-001-EXT-OPC%20Security%20Testing.pdf"
},
{
"name": "26876",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26876"
},
{
"name": "VU#205073",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/205073"
},
{
"name": "easylon-server-code-execution(39062)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39062"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-4473",
"datePublished": "2007-12-17T21:00:00.000Z",
"dateReserved": "2007-08-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:53:55.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}