Search

Find a vulnerability

Search criteria

    2 vulnerabilities by gesytec_easylon

    CVE-2007-4473 (GCVE-0-2007-4473)

    Vulnerability from nvd – Published: 2007-12-17 21:00 – Updated: 2024-08-07 14:53
    VLAI
    Summary
    Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control (OPC) interface, probably related to free operations on arbitrary memory addresses through certain Remove functions, and read and write operations on arbitrary memory addresses through certain Set, Read, and Write functions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/28079 third-party-advisoryx_refsource_SECUNIA
    http://www.neutralbit.com/en/rd/opctest/ x_refsource_MISC
    http://osvdb.org/42650 vdb-entryx_refsource_OSVDB
    http://www.neutralbit.com/downloads/NB-NB-001-EXT… x_refsource_MISC
    http://www.securityfocus.com/bid/26876 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/205073 third-party-advisoryx_refsource_CERT-VN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-12-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:53:55.986Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "28079",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28079"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.neutralbit.com/en/rd/opctest/"
              },
              {
                "name": "42650",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/42650"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.neutralbit.com/downloads/NB-NB-001-EXT-OPC%20Security%20Testing.pdf"
              },
              {
                "name": "26876",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26876"
              },
              {
                "name": "VU#205073",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/205073"
              },
              {
                "name": "easylon-server-code-execution(39062)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39062"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-12-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control (OPC) interface, probably related to free operations on arbitrary memory addresses through certain Remove functions, and read and write operations on arbitrary memory addresses through certain Set, Read, and Write functions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "28079",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28079"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.neutralbit.com/en/rd/opctest/"
            },
            {
              "name": "42650",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/42650"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.neutralbit.com/downloads/NB-NB-001-EXT-OPC%20Security%20Testing.pdf"
            },
            {
              "name": "26876",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26876"
            },
            {
              "name": "VU#205073",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/205073"
            },
            {
              "name": "easylon-server-code-execution(39062)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39062"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2007-4473",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control (OPC) interface, probably related to free operations on arbitrary memory addresses through certain Remove functions, and read and write operations on arbitrary memory addresses through certain Set, Read, and Write functions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "28079",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28079"
                },
                {
                  "name": "http://www.neutralbit.com/en/rd/opctest/",
                  "refsource": "MISC",
                  "url": "http://www.neutralbit.com/en/rd/opctest/"
                },
                {
                  "name": "42650",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/42650"
                },
                {
                  "name": "http://www.neutralbit.com/downloads/NB-NB-001-EXT-OPC%20Security%20Testing.pdf",
                  "refsource": "MISC",
                  "url": "http://www.neutralbit.com/downloads/NB-NB-001-EXT-OPC%20Security%20Testing.pdf"
                },
                {
                  "name": "26876",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26876"
                },
                {
                  "name": "VU#205073",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/205073"
                },
                {
                  "name": "easylon-server-code-execution(39062)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39062"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2007-4473",
        "datePublished": "2007-12-17T21:00:00.000Z",
        "dateReserved": "2007-08-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:53:55.986Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-4473 (GCVE-0-2007-4473)

    Vulnerability from cvelistv5 – Published: 2007-12-17 21:00 – Updated: 2024-08-07 14:53
    VLAI
    Summary
    Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control (OPC) interface, probably related to free operations on arbitrary memory addresses through certain Remove functions, and read and write operations on arbitrary memory addresses through certain Set, Read, and Write functions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/28079 third-party-advisoryx_refsource_SECUNIA
    http://www.neutralbit.com/en/rd/opctest/ x_refsource_MISC
    http://osvdb.org/42650 vdb-entryx_refsource_OSVDB
    http://www.neutralbit.com/downloads/NB-NB-001-EXT… x_refsource_MISC
    http://www.securityfocus.com/bid/26876 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/205073 third-party-advisoryx_refsource_CERT-VN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2007-12-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:53:55.986Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "28079",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/28079"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.neutralbit.com/en/rd/opctest/"
              },
              {
                "name": "42650",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/42650"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.neutralbit.com/downloads/NB-NB-001-EXT-OPC%20Security%20Testing.pdf"
              },
              {
                "name": "26876",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26876"
              },
              {
                "name": "VU#205073",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/205073"
              },
              {
                "name": "easylon-server-code-execution(39062)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39062"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-12-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control (OPC) interface, probably related to free operations on arbitrary memory addresses through certain Remove functions, and read and write operations on arbitrary memory addresses through certain Set, Read, and Write functions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "28079",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/28079"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.neutralbit.com/en/rd/opctest/"
            },
            {
              "name": "42650",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/42650"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.neutralbit.com/downloads/NB-NB-001-EXT-OPC%20Security%20Testing.pdf"
            },
            {
              "name": "26876",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26876"
            },
            {
              "name": "VU#205073",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/205073"
            },
            {
              "name": "easylon-server-code-execution(39062)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39062"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2007-4473",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control (OPC) interface, probably related to free operations on arbitrary memory addresses through certain Remove functions, and read and write operations on arbitrary memory addresses through certain Set, Read, and Write functions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "28079",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/28079"
                },
                {
                  "name": "http://www.neutralbit.com/en/rd/opctest/",
                  "refsource": "MISC",
                  "url": "http://www.neutralbit.com/en/rd/opctest/"
                },
                {
                  "name": "42650",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/42650"
                },
                {
                  "name": "http://www.neutralbit.com/downloads/NB-NB-001-EXT-OPC%20Security%20Testing.pdf",
                  "refsource": "MISC",
                  "url": "http://www.neutralbit.com/downloads/NB-NB-001-EXT-OPC%20Security%20Testing.pdf"
                },
                {
                  "name": "26876",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26876"
                },
                {
                  "name": "VU#205073",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/205073"
                },
                {
                  "name": "easylon-server-code-execution(39062)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39062"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2007-4473",
        "datePublished": "2007-12-17T21:00:00.000Z",
        "dateReserved": "2007-08-22T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:53:55.986Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }