Find a vulnerability
Search criteria
10 vulnerabilities by opcsystems
VAR-201512-0014
Vulnerability from variot - Updated: 2025-04-13 23:21Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. Supplementary information : CWE Vulnerability type by CWE-426: Untrusted Search Path ( Unreliable search path ) Has been identified. http://cwe.mitre.org/data/definitions/426.htmlLocal users can detect Trojan horses in unspecified directories. DLL You may get permission through. OPC Systems.NET is prone to a local privilege-escalation vulnerability. Attackers can exploit this issue remotely by placing the files in a remotely accessible SMB or WebDAV share location. A local attacker can leverage this issue to execute arbitrary code with application privileges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201512-0014",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "opc systems.net",
"scope": "lte",
"trust": 1.0,
"vendor": "opcsystems",
"version": "8.00.0023"
},
{
"model": "opc systems.net",
"scope": "lte",
"trust": 0.8,
"vendor": "open automation",
"version": "8.00.0023"
},
{
"model": "opc systems.net",
"scope": "eq",
"trust": 0.6,
"vendor": "opcsystems",
"version": "8.00.0023"
},
{
"model": "systems opc systems.net",
"scope": "eq",
"trust": 0.3,
"vendor": "opc",
"version": "8.0.23"
},
{
"model": "systems opc systems.net",
"scope": "eq",
"trust": 0.3,
"vendor": "opc",
"version": "4.0.48"
},
{
"model": "systems opc systems.net",
"scope": "eq",
"trust": 0.3,
"vendor": "opc",
"version": "5.0"
}
],
"sources": [
{
"db": "BID",
"id": "78909"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006512"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-418"
},
{
"db": "NVD",
"id": "CVE-2015-7917"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:opcsystems:opcsystems.net",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006512"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ivan Sanchez from Nullcode Team",
"sources": [
{
"db": "BID",
"id": "78909"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-418"
}
],
"trust": 0.9
},
"cve": "CVE-2015-7917",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2015-7917",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.6,
"id": "CVE-2015-7917",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7917",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-7917",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-418",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006512"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-418"
},
{
"db": "NVD",
"id": "CVE-2015-7917"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. Supplementary information : CWE Vulnerability type by CWE-426: Untrusted Search Path ( Unreliable search path ) Has been identified. http://cwe.mitre.org/data/definitions/426.htmlLocal users can detect Trojan horses in unspecified directories. DLL You may get permission through. OPC Systems.NET is prone to a local privilege-escalation vulnerability. \nAttackers can exploit this issue remotely by placing the files in a remotely accessible SMB or WebDAV share location. \nA local attacker can leverage this issue to execute arbitrary code with application privileges",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7917"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006512"
},
{
"db": "BID",
"id": "78909"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "ICS CERT",
"id": "ICSA-15-344-02",
"trust": 2.7
},
{
"db": "NVD",
"id": "CVE-2015-7917",
"trust": 2.7
},
{
"db": "BID",
"id": "78909",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006512",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201512-418",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "78909"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006512"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-418"
},
{
"db": "NVD",
"id": "CVE-2015-7917"
}
]
},
"id": "VAR-201512-0014",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.575
},
"last_update_date": "2025-04-13T23:21:14.257000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OPC SYSTEMS.NET",
"trust": 0.8,
"url": "https://www.opcsystems.com/products/opc_systems_net.php"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006512"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006512"
},
{
"db": "NVD",
"id": "CVE-2015-7917"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-344-02"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/78909"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7917"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7917"
},
{
"trust": 0.3,
"url": "http://blog.rapid7.com/?p=5325"
},
{
"trust": 0.3,
"url": "http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html"
},
{
"trust": 0.3,
"url": "http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx"
},
{
"trust": 0.3,
"url": "http://www.opcsystems.com/opc_systems_net.htm"
},
{
"trust": 0.3,
"url": "http://blogs.technet.com/b/msrc/archive/2010/08/21/microsoft-security-advisory-2269637-released.aspx"
}
],
"sources": [
{
"db": "BID",
"id": "78909"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006512"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-418"
},
{
"db": "NVD",
"id": "CVE-2015-7917"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "78909"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006512"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-418"
},
{
"db": "NVD",
"id": "CVE-2015-7917"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-10T00:00:00",
"db": "BID",
"id": "78909"
},
{
"date": "2015-12-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006512"
},
{
"date": "2015-12-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-418"
},
{
"date": "2015-12-23T03:59:04.233000",
"db": "NVD",
"id": "CVE-2015-7917"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-10T00:00:00",
"db": "BID",
"id": "78909"
},
{
"date": "2015-12-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006512"
},
{
"date": "2015-12-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-418"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2015-7917"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "78909"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-418"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Open Automation OPC Systems.NET Vulnerability gained in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006512"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-418"
}
],
"trust": 0.6
}
}
VAR-201204-0097
Vulnerability from variot - Updated: 2025-04-11 23:02Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723. OPC Systems.NET is a .NET product for SCADA, HMI and production line-to-business solutions. OPC Systems.NET handles malformed .NET RPC messages with security vulnerabilities. Submitting malicious requests can cause OPCSystemsService.exe to consume a large amount of CPU, causing denial of service attacks. OPC Systems.NET is prone to a denial-of-service vulnerability. An attacker may exploit this issue to crash the affected application, denying service to legitimate users. OPC Systems.NET 4.00.0048 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201204-0097",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "opcsystems.net",
"scope": "lte",
"trust": 1.0,
"vendor": "opcsystems",
"version": "4.0"
},
{
"model": "systems opc systems.net",
"scope": "eq",
"trust": 0.9,
"vendor": "opc",
"version": "4.0.48"
},
{
"model": "opc systems.net",
"scope": "lt",
"trust": 0.8,
"vendor": "open automation",
"version": "5.0"
},
{
"model": "opcsystems.net",
"scope": "eq",
"trust": 0.6,
"vendor": "opcsystems",
"version": "4.0"
},
{
"model": "systems opc systems.net",
"scope": "ne",
"trust": 0.3,
"vendor": "opc",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "opcsystems net",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4144"
},
{
"db": "BID",
"id": "50047"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002089"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-410"
},
{
"db": "NVD",
"id": "CVE-2011-4871"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:opcsystems:opcsystems.net",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002089"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Luigi Auriemma",
"sources": [
{
"db": "BID",
"id": "50047"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-214"
}
],
"trust": 0.9
},
"cve": "CVE-2011-4871",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-4871",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "fba2ecde-1f84-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-4871",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2011-4871",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201204-410",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "fba2ecde-1f84-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002089"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-410"
},
{
"db": "NVD",
"id": "CVE-2011-4871"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723. OPC Systems.NET is a .NET product for SCADA, HMI and production line-to-business solutions. OPC Systems.NET handles malformed .NET RPC messages with security vulnerabilities. Submitting malicious requests can cause OPCSystemsService.exe to consume a large amount of CPU, causing denial of service attacks. OPC Systems.NET is prone to a denial-of-service vulnerability. \nAn attacker may exploit this issue to crash the affected application, denying service to legitimate users. \nOPC Systems.NET 4.00.0048 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4871"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002089"
},
{
"db": "CNVD",
"id": "CNVD-2011-4144"
},
{
"db": "BID",
"id": "50047"
},
{
"db": "IVD",
"id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-4871",
"trust": 2.9
},
{
"db": "ICS CERT",
"id": "ICSA-12-012-01",
"trust": 2.7
},
{
"db": "BID",
"id": "50047",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2011-4144",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201204-410",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002089",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "105663",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201110-214",
"trust": 0.6
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-11-285-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "FBA2ECDE-1F84-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4144"
},
{
"db": "BID",
"id": "50047"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002089"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-410"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-214"
},
{
"db": "NVD",
"id": "CVE-2011-4871"
}
]
},
"id": "VAR-201204-0097",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4144"
}
],
"trust": 1.375
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4144"
}
]
},
"last_update_date": "2025-04-11T23:02:01.585000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OPC SYSTEMS.NET",
"trust": 0.8,
"url": "http://www.opcsystems.net/opc_systems_net.htm"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002089"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002089"
},
{
"db": "NVD",
"id": "CVE-2011-4871"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-012-01.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4871"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4871"
},
{
"trust": 0.6,
"url": "http://packetstormsecurity.org/files/105663/opc-systems.net-4.00.0048-denial-of-service.html"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/50047"
},
{
"trust": 0.3,
"url": "http://www.opcsystems.com/opc_systems_net.htm"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-285-01.pdf"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4144"
},
{
"db": "BID",
"id": "50047"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002089"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-410"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-214"
},
{
"db": "NVD",
"id": "CVE-2011-4871"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4144"
},
{
"db": "BID",
"id": "50047"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002089"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-410"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-214"
},
{
"db": "NVD",
"id": "CVE-2011-4871"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-10-12T00:00:00",
"db": "IVD",
"id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
},
{
"date": "2011-10-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4144"
},
{
"date": "2011-10-11T00:00:00",
"db": "BID",
"id": "50047"
},
{
"date": "2012-04-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002089"
},
{
"date": "2012-04-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-410"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201110-214"
},
{
"date": "2012-04-18T10:33:31.107000",
"db": "NVD",
"id": "CVE-2011-4871"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-10-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4144"
},
{
"date": "2012-01-27T16:30:00",
"db": "BID",
"id": "50047"
},
{
"date": "2012-04-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002089"
},
{
"date": "2012-04-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-410"
},
{
"date": "2011-10-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201110-214"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-4871"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201204-410"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-214"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OPC Systems.NET RPC Message Remote Denial of Service Vulnerability",
"sources": [
{
"db": "IVD",
"id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4144"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-410"
}
],
"trust": 0.8
}
}
VAR-201210-0491
Vulnerability from variot - Updated: 2025-04-11 23:01Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method. OPC Systems.NET is a .NET product for SCADA, HMI. ComponentOne FlexGrid ActiveX Control is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. ComponentOne FlexGrid 7.1 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201210-0491",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flexgrid",
"scope": "eq",
"trust": 2.7,
"vendor": "componentone",
"version": "7.1"
},
{
"model": "opcsystems.net",
"scope": "eq",
"trust": 1.6,
"vendor": "opcsystems",
"version": null
},
{
"model": "opcsystems.net",
"scope": "lte",
"trust": 1.0,
"vendor": "opcsystems",
"version": "4.0"
},
{
"model": "flexgrid light",
"scope": "eq",
"trust": 0.9,
"vendor": "componentone",
"version": "7.1"
},
{
"model": "systems opc systems.net",
"scope": "eq",
"trust": 0.9,
"vendor": "opc",
"version": "0"
},
{
"model": "opc systems.net",
"scope": null,
"trust": 0.8,
"vendor": "open automation",
"version": null
},
{
"model": "opcsystems.net",
"scope": "eq",
"trust": 0.6,
"vendor": "opcsystems",
"version": "4.0"
},
{
"model": "flexgrid",
"scope": "eq",
"trust": 0.2,
"vendor": "componentone",
"version": "7.1*"
},
{
"model": "flexgrid light opc systems opc systems.net",
"scope": "eq",
"trust": 0.2,
"vendor": "componentone",
"version": "7.10"
}
],
"sources": [
{
"db": "IVD",
"id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0339"
},
{
"db": "BID",
"id": "51601"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004938"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-378"
},
{
"db": "NVD",
"id": "CVE-2012-0227"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:componentone:flexgrid",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:opcsystems:opcsystems.net",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004938"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexandr Polyakov from DSecRG",
"sources": [
{
"db": "BID",
"id": "51601"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-378"
}
],
"trust": 0.9
},
"cve": "CVE-2012-0227",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2012-0227",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "0f50a568-1f77-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-0227",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-0227",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201201-378",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "0f50a568-1f77-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004938"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-378"
},
{
"db": "NVD",
"id": "CVE-2012-0227"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method. OPC Systems.NET is a .NET product for SCADA, HMI. ComponentOne FlexGrid ActiveX Control is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. \nComponentOne FlexGrid 7.1 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-0227"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004938"
},
{
"db": "CNVD",
"id": "CNVD-2012-0339"
},
{
"db": "BID",
"id": "51601"
},
{
"db": "IVD",
"id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-0227",
"trust": 2.9
},
{
"db": "ICS CERT",
"id": "ICSA-12-012-01A",
"trust": 2.7
},
{
"db": "BID",
"id": "51601",
"trust": 2.5
},
{
"db": "CNVD",
"id": "CNVD-2012-0339",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201201-378",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004938",
"trust": 0.8
},
{
"db": "XF",
"id": "72604",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "21082",
"trust": 0.6
},
{
"db": "IVD",
"id": "0F50A568-1F77-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0339"
},
{
"db": "BID",
"id": "51601"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004938"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-378"
},
{
"db": "NVD",
"id": "CVE-2012-0227"
}
]
},
"id": "VAR-201210-0491",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0339"
}
],
"trust": 1.3064814833333334
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0339"
}
]
},
"last_update_date": "2025-04-11T23:01:53.092000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.componentone.com/"
},
{
"title": "OPC SYSTEMS.NET",
"trust": 0.8,
"url": "http://www.opcsystems.com/opc_systems_net.htm"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004938"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004938"
},
{
"db": "NVD",
"id": "CVE-2012-0227"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-012-01a.pdf"
},
{
"trust": 2.5,
"url": "http://dsecrg.com/pages/vul/show.php?id=406"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/51601"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72604"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0227"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0227"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/72604"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/21082"
},
{
"trust": 0.3,
"url": "http://www.componentone.com/"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.3,
"url": "www.opcsystems.net"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0339"
},
{
"db": "BID",
"id": "51601"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004938"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-378"
},
{
"db": "NVD",
"id": "CVE-2012-0227"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0339"
},
{
"db": "BID",
"id": "51601"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004938"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-378"
},
{
"db": "NVD",
"id": "CVE-2012-0227"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-01T00:00:00",
"db": "IVD",
"id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
},
{
"date": "2012-02-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0339"
},
{
"date": "2012-01-20T00:00:00",
"db": "BID",
"id": "51601"
},
{
"date": "2012-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004938"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201201-378"
},
{
"date": "2012-10-12T20:55:02.083000",
"db": "NVD",
"id": "CVE-2012-0227"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0339"
},
{
"date": "2012-10-10T18:20:00",
"db": "BID",
"id": "51601"
},
{
"date": "2012-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004938"
},
{
"date": "2012-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201201-378"
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2012-0227"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201201-378"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ComponentOne FlexGrid ActiveX Control Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0339"
},
{
"db": "BID",
"id": "51601"
}
],
"trust": 1.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201201-378"
}
],
"trust": 0.8
}
}
VAR-201210-0405
Vulnerability from variot - Updated: 2024-08-14 14:28Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0227. Reason: This candidate is a duplicate of CVE-2012-0227. Notes: All CVE users should reference CVE-2012-0227 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Open Automation Software OPC Systems.NET Used in ComponentOne FlexGrid of VSFlex7.VSFlexGrid ActiveX The control contains a buffer overflow vulnerability.By a third party Archive Denial of service via an excessively long archive filename argument to the method (DoS) Could be put into a state and execute arbitrary code. OPC Systems.NET is a .NET product for SCADA, HMI. The ComponentOne FlexGrid ActiveX control has a buffer overflow that allows an attacker to exploit a vulnerability to construct a malicious link that tricks the user into parsing and executing arbitrary code in the context of the application. ComponentOne FlexGrid ActiveX Control is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. ComponentOne FlexGrid 7.1 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201210-0405",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flexgrid",
"scope": "eq",
"trust": 1.7,
"vendor": "componentone",
"version": "7.1"
},
{
"model": "flexgrid light",
"scope": "eq",
"trust": 0.9,
"vendor": "componentone",
"version": "7.1"
},
{
"model": "systems opc systems.net",
"scope": "eq",
"trust": 0.9,
"vendor": "opc",
"version": "0"
},
{
"model": "opc systems.net",
"scope": null,
"trust": 0.8,
"vendor": "open automation",
"version": null
},
{
"model": "opcsystems.net",
"scope": "eq",
"trust": 0.6,
"vendor": "opcsystems",
"version": null
},
{
"model": "opcsystems.net",
"scope": "eq",
"trust": 0.6,
"vendor": "opcsystems",
"version": "4.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0339"
},
{
"db": "BID",
"id": "51601"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004846"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-077"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:componentone:flexgrid",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:opcsystems:opcsystems.net",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004846"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexandr Polyakov from DSecRG",
"sources": [
{
"db": "BID",
"id": "51601"
}
],
"trust": 0.3
},
"cve": "CVE-2012-5311",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-5311",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-5311",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201210-077",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004846"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-077"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0227. Reason: This candidate is a duplicate of CVE-2012-0227. Notes: All CVE users should reference CVE-2012-0227 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Open Automation Software OPC Systems.NET Used in ComponentOne FlexGrid of VSFlex7.VSFlexGrid ActiveX The control contains a buffer overflow vulnerability.By a third party Archive Denial of service via an excessively long archive filename argument to the method (DoS) Could be put into a state and execute arbitrary code. OPC Systems.NET is a .NET product for SCADA, HMI. The ComponentOne FlexGrid ActiveX control has a buffer overflow that allows an attacker to exploit a vulnerability to construct a malicious link that tricks the user into parsing and executing arbitrary code in the context of the application. ComponentOne FlexGrid ActiveX Control is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. \nComponentOne FlexGrid 7.1 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-5311"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004846"
},
{
"db": "CNVD",
"id": "CNVD-2012-0339"
},
{
"db": "BID",
"id": "51601"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-5311",
"trust": 2.7
},
{
"db": "BID",
"id": "51601",
"trust": 1.5
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004846",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2012-0339",
"trust": 0.6
},
{
"db": "XF",
"id": "72604",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "21082",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201210-077",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-012-01A",
"trust": 0.3
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0339"
},
{
"db": "BID",
"id": "51601"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004846"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-077"
},
{
"db": "NVD",
"id": "CVE-2012-5311"
}
]
},
"id": "VAR-201210-0405",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0339"
}
],
"trust": 1.1064814833333334
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0339"
}
]
},
"last_update_date": "2024-08-14T14:28:06.335000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.componentone.com/"
},
{
"title": "OPC SYSTEMS.NET",
"trust": 0.8,
"url": "http://www.opcsystems.net/opc_systems_net.htm"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004846"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004846"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.5,
"url": "http://dsecrg.com/pages/vul/show.php?id=406"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5311"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5311"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/72604"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/51601"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/21082"
},
{
"trust": 0.3,
"url": "http://www.componentone.com/"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.3,
"url": "www.opcsystems.net"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-012-01a.pdf"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0339"
},
{
"db": "BID",
"id": "51601"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004846"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-077"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2012-0339"
},
{
"db": "BID",
"id": "51601"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004846"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-077"
},
{
"db": "NVD",
"id": "CVE-2012-5311"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0339"
},
{
"date": "2012-01-20T00:00:00",
"db": "BID",
"id": "51601"
},
{
"date": "2012-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004846"
},
{
"date": "2012-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-077"
},
{
"date": "2012-10-08T17:55:01.010000",
"db": "NVD",
"id": "CVE-2012-5311"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0339"
},
{
"date": "2012-10-10T18:20:00",
"db": "BID",
"id": "51601"
},
{
"date": "2012-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004846"
},
{
"date": "2012-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-077"
},
{
"date": "2023-11-07T02:12:31.027000",
"db": "NVD",
"id": "CVE-2012-5311"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201210-077"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ComponentOne FlexGrid ActiveX Control Buffer Overflow Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0339"
},
{
"db": "BID",
"id": "51601"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201210-077"
}
],
"trust": 0.6
}
}
CVE-2015-7917 (GCVE-0-2015-7917)
Vulnerability from nvd – Published: 2015-12-23 02:00 – Updated: 2024-08-06 08:06- n/a
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/78909 | vdb-entryx_refsource_BID |
| https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:06:30.877Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "78909",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/78909"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "78909",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/78909"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-7917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "78909",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78909"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2015-7917",
"datePublished": "2015-12-23T02:00:00.000Z",
"dateReserved": "2015-10-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T08:06:30.877Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0227 (GCVE-0-2012-0227)
Vulnerability from nvd – Published: 2012-10-12 20:00 – Updated: 2024-08-06 18:16- n/a
| URL | Tags |
|---|---|
| http://www.us-cert.gov/control_systems/pdf/ICSA-1… | x_refsource_MISC |
| http://www.securityfocus.com/bid/51601 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://dsecrg.com/pages/vul/show.php?id=406 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:16:19.833Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf"
},
{
"name": "51601",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51601"
},
{
"name": "flexgrid-activex-bo(72604)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72604"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=406"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf"
},
{
"name": "51601",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51601"
},
{
"name": "flexgrid-activex-bo(72604)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72604"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=406"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-0227",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf"
},
{
"name": "51601",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51601"
},
{
"name": "flexgrid-activex-bo(72604)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72604"
},
{
"name": "http://dsecrg.com/pages/vul/show.php?id=406",
"refsource": "MISC",
"url": "http://dsecrg.com/pages/vul/show.php?id=406"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2012-0227",
"datePublished": "2012-10-12T20:00:00.000Z",
"dateReserved": "2011-12-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:16:19.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4871 (GCVE-0-2011-4871)
Vulnerability from nvd – Published: 2012-04-18 10:00 – Updated: 2024-09-16 16:37- n/a
| URL | Tags |
|---|---|
| http://www.us-cert.gov/control_systems/pdf/ICSA-1… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:16:34.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-04-18T10:00:00.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-4871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2011-4871",
"datePublished": "2012-04-18T10:00:00.000Z",
"dateReserved": "2011-12-21T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:37:50.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7917 (GCVE-0-2015-7917)
Vulnerability from cvelistv5 – Published: 2015-12-23 02:00 – Updated: 2024-08-06 08:06- n/a
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/78909 | vdb-entryx_refsource_BID |
| https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:06:30.877Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "78909",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/78909"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "78909",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/78909"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-7917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "78909",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78909"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2015-7917",
"datePublished": "2015-12-23T02:00:00.000Z",
"dateReserved": "2015-10-22T00:00:00.000Z",
"dateUpdated": "2024-08-06T08:06:30.877Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0227 (GCVE-0-2012-0227)
Vulnerability from cvelistv5 – Published: 2012-10-12 20:00 – Updated: 2024-08-06 18:16- n/a
| URL | Tags |
|---|---|
| http://www.us-cert.gov/control_systems/pdf/ICSA-1… | x_refsource_MISC |
| http://www.securityfocus.com/bid/51601 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://dsecrg.com/pages/vul/show.php?id=406 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:16:19.833Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf"
},
{
"name": "51601",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51601"
},
{
"name": "flexgrid-activex-bo(72604)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72604"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=406"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf"
},
{
"name": "51601",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51601"
},
{
"name": "flexgrid-activex-bo(72604)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72604"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=406"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-0227",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf"
},
{
"name": "51601",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51601"
},
{
"name": "flexgrid-activex-bo(72604)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72604"
},
{
"name": "http://dsecrg.com/pages/vul/show.php?id=406",
"refsource": "MISC",
"url": "http://dsecrg.com/pages/vul/show.php?id=406"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2012-0227",
"datePublished": "2012-10-12T20:00:00.000Z",
"dateReserved": "2011-12-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:16:19.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4871 (GCVE-0-2011-4871)
Vulnerability from cvelistv5 – Published: 2012-04-18 10:00 – Updated: 2024-09-16 16:37- n/a
| URL | Tags |
|---|---|
| http://www.us-cert.gov/control_systems/pdf/ICSA-1… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:16:34.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-04-18T10:00:00.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-4871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2011-4871",
"datePublished": "2012-04-18T10:00:00.000Z",
"dateReserved": "2011-12-21T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:37:50.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}