Search criteria
2 vulnerabilities found for wonderware_archestra_configuration_access_component_activex_control by invensys
CVE-2010-2974 (GCVE-0-2010-2974)
Vulnerability from nvd – Published: 2010-08-05 19:00 – Updated: 2024-09-17 03:43
VLAI?
Summary
Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control in Wonderware Application Server (WAS) before 3.1 SP2 P01, as used in the Wonderware Archestra Integrated Development Environment (IDE) and the InFusion Integrated Engineering Environment (IEE), allows remote attackers to execute arbitrary code via the first argument to the UnsubscribeData method.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:45.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#703189",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/703189"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsID=203108"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wdnresource.wonderware.com/support/kbcd/html/1/t002492.htm"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MORO-87MHPT"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control in Wonderware Application Server (WAS) before 3.1 SP2 P01, as used in the Wonderware Archestra Integrated Development Environment (IDE) and the InFusion Integrated Engineering Environment (IEE), allows remote attackers to execute arbitrary code via the first argument to the UnsubscribeData method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-05T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#703189",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/703189"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsID=203108"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wdnresource.wonderware.com/support/kbcd/html/1/t002492.htm"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/MORO-87MHPT"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2974",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control in Wonderware Application Server (WAS) before 3.1 SP2 P01, as used in the Wonderware Archestra Integrated Development Environment (IDE) and the InFusion Integrated Engineering Environment (IEE), allows remote attackers to execute arbitrary code via the first argument to the UnsubscribeData method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#703189",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/703189"
},
{
"name": "http://www.pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsID=203108",
"refsource": "CONFIRM",
"url": "http://www.pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsID=203108"
},
{
"name": "https://wdnresource.wonderware.com/support/kbcd/html/1/t002492.htm",
"refsource": "CONFIRM",
"url": "https://wdnresource.wonderware.com/support/kbcd/html/1/t002492.htm"
},
{
"name": "http://www.kb.cert.org/vuls/id/MORO-87MHPT",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MORO-87MHPT"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2974",
"datePublished": "2010-08-05T19:00:00Z",
"dateReserved": "2010-08-05T00:00:00Z",
"dateUpdated": "2024-09-17T03:43:16.392Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2974 (GCVE-0-2010-2974)
Vulnerability from cvelistv5 – Published: 2010-08-05 19:00 – Updated: 2024-09-17 03:43
VLAI?
Summary
Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control in Wonderware Application Server (WAS) before 3.1 SP2 P01, as used in the Wonderware Archestra Integrated Development Environment (IDE) and the InFusion Integrated Engineering Environment (IEE), allows remote attackers to execute arbitrary code via the first argument to the UnsubscribeData method.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:45.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#703189",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/703189"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsID=203108"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wdnresource.wonderware.com/support/kbcd/html/1/t002492.htm"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MORO-87MHPT"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control in Wonderware Application Server (WAS) before 3.1 SP2 P01, as used in the Wonderware Archestra Integrated Development Environment (IDE) and the InFusion Integrated Engineering Environment (IEE), allows remote attackers to execute arbitrary code via the first argument to the UnsubscribeData method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-05T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#703189",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/703189"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsID=203108"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wdnresource.wonderware.com/support/kbcd/html/1/t002492.htm"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/MORO-87MHPT"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2974",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control in Wonderware Application Server (WAS) before 3.1 SP2 P01, as used in the Wonderware Archestra Integrated Development Environment (IDE) and the InFusion Integrated Engineering Environment (IEE), allows remote attackers to execute arbitrary code via the first argument to the UnsubscribeData method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#703189",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/703189"
},
{
"name": "http://www.pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsID=203108",
"refsource": "CONFIRM",
"url": "http://www.pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsID=203108"
},
{
"name": "https://wdnresource.wonderware.com/support/kbcd/html/1/t002492.htm",
"refsource": "CONFIRM",
"url": "https://wdnresource.wonderware.com/support/kbcd/html/1/t002492.htm"
},
{
"name": "http://www.kb.cert.org/vuls/id/MORO-87MHPT",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MORO-87MHPT"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2974",
"datePublished": "2010-08-05T19:00:00Z",
"dateReserved": "2010-08-05T00:00:00Z",
"dateUpdated": "2024-09-17T03:43:16.392Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}