Search

Find a vulnerability

Search criteria

    10 vulnerabilities by opcsystems

    VAR-201512-0014

    Vulnerability from variot - Updated: 2025-04-13 23:21

    Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. Supplementary information : CWE Vulnerability type by CWE-426: Untrusted Search Path ( Unreliable search path ) Has been identified. http://cwe.mitre.org/data/definitions/426.htmlLocal users can detect Trojan horses in unspecified directories. DLL You may get permission through. OPC Systems.NET is prone to a local privilege-escalation vulnerability. Attackers can exploit this issue remotely by placing the files in a remotely accessible SMB or WebDAV share location. A local attacker can leverage this issue to execute arbitrary code with application privileges

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201512-0014",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "opc systems.net",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "opcsystems",
            "version": "8.00.0023"
          },
          {
            "model": "opc systems.net",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "open automation",
            "version": "8.00.0023"
          },
          {
            "model": "opc systems.net",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "opcsystems",
            "version": "8.00.0023"
          },
          {
            "model": "systems opc systems.net",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opc",
            "version": "8.0.23"
          },
          {
            "model": "systems opc systems.net",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opc",
            "version": "4.0.48"
          },
          {
            "model": "systems opc systems.net",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "opc",
            "version": "5.0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "78909"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-418"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7917"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:opcsystems:opcsystems.net",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006512"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Ivan Sanchez from Nullcode Team",
        "sources": [
          {
            "db": "BID",
            "id": "78909"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-418"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2015-7917",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.9,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.4,
                "id": "CVE-2015-7917",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.6,
                "id": "CVE-2015-7917",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2015-7917",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2015-7917",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201512-418",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-418"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7917"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. Supplementary information : CWE Vulnerability type by CWE-426: Untrusted Search Path ( Unreliable search path ) Has been identified. http://cwe.mitre.org/data/definitions/426.htmlLocal users can detect Trojan horses in unspecified directories. DLL You may get permission through. OPC Systems.NET is prone to a local privilege-escalation vulnerability. \nAttackers can exploit this issue remotely by placing the files in a remotely accessible SMB or WebDAV share location. \nA local attacker can leverage this issue to execute arbitrary code with application privileges",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-7917"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006512"
          },
          {
            "db": "BID",
            "id": "78909"
          }
        ],
        "trust": 1.89
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "ICS CERT",
            "id": "ICSA-15-344-02",
            "trust": 2.7
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7917",
            "trust": 2.7
          },
          {
            "db": "BID",
            "id": "78909",
            "trust": 1.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006512",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-418",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "78909"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-418"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7917"
          }
        ]
      },
      "id": "VAR-201512-0014",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.575
      },
      "last_update_date": "2025-04-13T23:21:14.257000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "OPC SYSTEMS.NET",
            "trust": 0.8,
            "url": "https://www.opcsystems.com/products/opc_systems_net.php"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006512"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006512"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7917"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.7,
            "url": "https://ics-cert.us-cert.gov/advisories/icsa-15-344-02"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/bid/78909"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7917"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7917"
          },
          {
            "trust": 0.3,
            "url": "http://blog.rapid7.com/?p=5325"
          },
          {
            "trust": 0.3,
            "url": "http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx"
          },
          {
            "trust": 0.3,
            "url": "http://www.opcsystems.com/opc_systems_net.htm"
          },
          {
            "trust": 0.3,
            "url": "http://blogs.technet.com/b/msrc/archive/2010/08/21/microsoft-security-advisory-2269637-released.aspx"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "78909"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-418"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7917"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "78909"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006512"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-418"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-7917"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-12-10T00:00:00",
            "db": "BID",
            "id": "78909"
          },
          {
            "date": "2015-12-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-006512"
          },
          {
            "date": "2015-12-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201512-418"
          },
          {
            "date": "2015-12-23T03:59:04.233000",
            "db": "NVD",
            "id": "CVE-2015-7917"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-12-10T00:00:00",
            "db": "BID",
            "id": "78909"
          },
          {
            "date": "2015-12-24T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-006512"
          },
          {
            "date": "2015-12-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201512-418"
          },
          {
            "date": "2025-04-12T10:46:40.837000",
            "db": "NVD",
            "id": "CVE-2015-7917"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "BID",
            "id": "78909"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-418"
          }
        ],
        "trust": 0.9
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Open Automation OPC Systems.NET Vulnerability gained in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-006512"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201512-418"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201204-0097

    Vulnerability from variot - Updated: 2025-04-11 23:02

    Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723. OPC Systems.NET is a .NET product for SCADA, HMI and production line-to-business solutions. OPC Systems.NET handles malformed .NET RPC messages with security vulnerabilities. Submitting malicious requests can cause OPCSystemsService.exe to consume a large amount of CPU, causing denial of service attacks. OPC Systems.NET is prone to a denial-of-service vulnerability. An attacker may exploit this issue to crash the affected application, denying service to legitimate users. OPC Systems.NET 4.00.0048 is vulnerable; other versions may also be affected

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201204-0097",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "opcsystems.net",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "opcsystems",
            "version": "4.0"
          },
          {
            "model": "systems opc systems.net",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "opc",
            "version": "4.0.48"
          },
          {
            "model": "opc systems.net",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "open automation",
            "version": "5.0"
          },
          {
            "model": "opcsystems.net",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "opcsystems",
            "version": "4.0"
          },
          {
            "model": "systems opc systems.net",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "opc",
            "version": "5.0"
          },
          {
            "model": null,
            "scope": "eq",
            "trust": 0.2,
            "vendor": "opcsystems net",
            "version": "*"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-4144"
          },
          {
            "db": "BID",
            "id": "50047"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002089"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201204-410"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4871"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:opcsystems:opcsystems.net",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002089"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Luigi Auriemma",
        "sources": [
          {
            "db": "BID",
            "id": "50047"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-214"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2011-4871",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2011-4871",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.8,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "fba2ecde-1f84-11e6-abef-000c29c66e3d",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.2,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2011-4871",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2011-4871",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201204-410",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "IVD",
                "id": "fba2ecde-1f84-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002089"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201204-410"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4871"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723. OPC Systems.NET is a .NET product for SCADA, HMI and production line-to-business solutions. OPC Systems.NET handles malformed .NET RPC messages with security vulnerabilities. Submitting malicious requests can cause OPCSystemsService.exe to consume a large amount of CPU, causing denial of service attacks. OPC Systems.NET is prone to a denial-of-service vulnerability. \nAn attacker may exploit this issue to crash the affected application, denying service to legitimate users. \nOPC Systems.NET 4.00.0048 is vulnerable; other versions may also be affected",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2011-4871"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002089"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-4144"
          },
          {
            "db": "BID",
            "id": "50047"
          },
          {
            "db": "IVD",
            "id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2011-4871",
            "trust": 2.9
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-12-012-01",
            "trust": 2.7
          },
          {
            "db": "BID",
            "id": "50047",
            "trust": 1.5
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-4144",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201204-410",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002089",
            "trust": 0.8
          },
          {
            "db": "PACKETSTORM",
            "id": "105663",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-214",
            "trust": 0.6
          },
          {
            "db": "ICS CERT ALERT",
            "id": "ICS-ALERT-11-285-01",
            "trust": 0.3
          },
          {
            "db": "IVD",
            "id": "FBA2ECDE-1F84-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-4144"
          },
          {
            "db": "BID",
            "id": "50047"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002089"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201204-410"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-214"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4871"
          }
        ]
      },
      "id": "VAR-201204-0097",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-4144"
          }
        ],
        "trust": 1.375
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-4144"
          }
        ]
      },
      "last_update_date": "2025-04-11T23:02:01.585000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "OPC SYSTEMS.NET",
            "trust": 0.8,
            "url": "http://www.opcsystems.net/opc_systems_net.htm"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002089"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002089"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4871"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.7,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-012-01.pdf"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4871"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4871"
          },
          {
            "trust": 0.6,
            "url": "http://packetstormsecurity.org/files/105663/opc-systems.net-4.00.0048-denial-of-service.html"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/50047"
          },
          {
            "trust": 0.3,
            "url": "http://www.opcsystems.com/opc_systems_net.htm"
          },
          {
            "trust": 0.3,
            "url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-285-01.pdf"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2011-4144"
          },
          {
            "db": "BID",
            "id": "50047"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002089"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201204-410"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-214"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4871"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-4144"
          },
          {
            "db": "BID",
            "id": "50047"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-002089"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201204-410"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-214"
          },
          {
            "db": "NVD",
            "id": "CVE-2011-4871"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-10-12T00:00:00",
            "db": "IVD",
            "id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2011-10-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-4144"
          },
          {
            "date": "2011-10-11T00:00:00",
            "db": "BID",
            "id": "50047"
          },
          {
            "date": "2012-04-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-002089"
          },
          {
            "date": "2012-04-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201204-410"
          },
          {
            "date": "1900-01-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201110-214"
          },
          {
            "date": "2012-04-18T10:33:31.107000",
            "db": "NVD",
            "id": "CVE-2011-4871"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2011-10-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2011-4144"
          },
          {
            "date": "2012-01-27T16:30:00",
            "db": "BID",
            "id": "50047"
          },
          {
            "date": "2012-04-19T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-002089"
          },
          {
            "date": "2012-04-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201204-410"
          },
          {
            "date": "2011-10-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201110-214"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2011-4871"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201204-410"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201110-214"
          }
        ],
        "trust": 1.2
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "OPC Systems.NET RPC Message Remote Denial of Service Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2011-4144"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Input validation",
        "sources": [
          {
            "db": "IVD",
            "id": "fba2ecde-1f84-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201204-410"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201210-0491

    Vulnerability from variot - Updated: 2025-04-11 23:01

    Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method. OPC Systems.NET is a .NET product for SCADA, HMI. ComponentOne FlexGrid ActiveX Control is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. ComponentOne FlexGrid 7.1 is vulnerable; other versions may also be affected

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201210-0491",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "flexgrid",
            "scope": "eq",
            "trust": 2.7,
            "vendor": "componentone",
            "version": "7.1"
          },
          {
            "model": "opcsystems.net",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "opcsystems",
            "version": null
          },
          {
            "model": "opcsystems.net",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "opcsystems",
            "version": "4.0"
          },
          {
            "model": "flexgrid light",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "componentone",
            "version": "7.1"
          },
          {
            "model": "systems opc systems.net",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "opc",
            "version": "0"
          },
          {
            "model": "opc systems.net",
            "scope": null,
            "trust": 0.8,
            "vendor": "open automation",
            "version": null
          },
          {
            "model": "opcsystems.net",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "opcsystems",
            "version": "4.0"
          },
          {
            "model": "flexgrid",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "componentone",
            "version": "7.1*"
          },
          {
            "model": "flexgrid light opc systems opc systems.net",
            "scope": "eq",
            "trust": 0.2,
            "vendor": "componentone",
            "version": "7.10"
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          },
          {
            "db": "BID",
            "id": "51601"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004938"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201201-378"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-0227"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:componentone:flexgrid",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:opcsystems:opcsystems.net",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004938"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Alexandr Polyakov from DSecRG",
        "sources": [
          {
            "db": "BID",
            "id": "51601"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201201-378"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2012-0227",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2012-0227",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.8,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "IVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "0f50a568-1f77-11e6-abef-000c29c66e3d",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.2,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.9 [IVD]"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2012-0227",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2012-0227",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201201-378",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "IVD",
                "id": "0f50a568-1f77-11e6-abef-000c29c66e3d",
                "trust": 0.2,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004938"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201201-378"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-0227"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method. OPC Systems.NET is a .NET product for SCADA, HMI. ComponentOne FlexGrid ActiveX Control is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. \nComponentOne FlexGrid 7.1 is vulnerable; other versions may also be affected",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-0227"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004938"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          },
          {
            "db": "BID",
            "id": "51601"
          },
          {
            "db": "IVD",
            "id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
          }
        ],
        "trust": 2.61
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-0227",
            "trust": 2.9
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-12-012-01A",
            "trust": 2.7
          },
          {
            "db": "BID",
            "id": "51601",
            "trust": 2.5
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201201-378",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004938",
            "trust": 0.8
          },
          {
            "db": "XF",
            "id": "72604",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "21082",
            "trust": 0.6
          },
          {
            "db": "IVD",
            "id": "0F50A568-1F77-11E6-ABEF-000C29C66E3D",
            "trust": 0.2
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          },
          {
            "db": "BID",
            "id": "51601"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004938"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201201-378"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-0227"
          }
        ]
      },
      "id": "VAR-201210-0491",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "IVD",
            "id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          }
        ],
        "trust": 1.3064814833333334
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "IVD",
            "id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          }
        ]
      },
      "last_update_date": "2025-04-11T23:01:53.092000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.componentone.com/"
          },
          {
            "title": "OPC SYSTEMS.NET",
            "trust": 0.8,
            "url": "http://www.opcsystems.com/opc_systems_net.htm"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004938"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004938"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-0227"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.7,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-012-01a.pdf"
          },
          {
            "trust": 2.5,
            "url": "http://dsecrg.com/pages/vul/show.php?id=406"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/bid/51601"
          },
          {
            "trust": 1.0,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72604"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0227"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0227"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/72604"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/21082"
          },
          {
            "trust": 0.3,
            "url": "http://www.componentone.com/"
          },
          {
            "trust": 0.3,
            "url": "http://support.microsoft.com/kb/240797"
          },
          {
            "trust": 0.3,
            "url": "www.opcsystems.net"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          },
          {
            "db": "BID",
            "id": "51601"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004938"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201201-378"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-0227"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "IVD",
            "id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          },
          {
            "db": "BID",
            "id": "51601"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004938"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201201-378"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-0227"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-02-01T00:00:00",
            "db": "IVD",
            "id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "date": "2012-02-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          },
          {
            "date": "2012-01-20T00:00:00",
            "db": "BID",
            "id": "51601"
          },
          {
            "date": "2012-10-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-004938"
          },
          {
            "date": "1900-01-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201201-378"
          },
          {
            "date": "2012-10-12T20:55:02.083000",
            "db": "NVD",
            "id": "CVE-2012-0227"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-02-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          },
          {
            "date": "2012-10-10T18:20:00",
            "db": "BID",
            "id": "51601"
          },
          {
            "date": "2012-10-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-004938"
          },
          {
            "date": "2012-02-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201201-378"
          },
          {
            "date": "2025-04-11T00:51:21.963000",
            "db": "NVD",
            "id": "CVE-2012-0227"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201201-378"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "ComponentOne FlexGrid ActiveX Control Buffer Overflow Vulnerability",
        "sources": [
          {
            "db": "IVD",
            "id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          },
          {
            "db": "BID",
            "id": "51601"
          }
        ],
        "trust": 1.1
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer overflow",
        "sources": [
          {
            "db": "IVD",
            "id": "0f50a568-1f77-11e6-abef-000c29c66e3d"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201201-378"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-201210-0405

    Vulnerability from variot - Updated: 2024-08-14 14:28

    Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0227. Reason: This candidate is a duplicate of CVE-2012-0227. Notes: All CVE users should reference CVE-2012-0227 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Open Automation Software OPC Systems.NET Used in ComponentOne FlexGrid of VSFlex7.VSFlexGrid ActiveX The control contains a buffer overflow vulnerability.By a third party Archive Denial of service via an excessively long archive filename argument to the method (DoS) Could be put into a state and execute arbitrary code. OPC Systems.NET is a .NET product for SCADA, HMI. The ComponentOne FlexGrid ActiveX control has a buffer overflow that allows an attacker to exploit a vulnerability to construct a malicious link that tricks the user into parsing and executing arbitrary code in the context of the application. ComponentOne FlexGrid ActiveX Control is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. ComponentOne FlexGrid 7.1 is vulnerable; other versions may also be affected

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201210-0405",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "flexgrid",
            "scope": "eq",
            "trust": 1.7,
            "vendor": "componentone",
            "version": "7.1"
          },
          {
            "model": "flexgrid light",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "componentone",
            "version": "7.1"
          },
          {
            "model": "systems opc systems.net",
            "scope": "eq",
            "trust": 0.9,
            "vendor": "opc",
            "version": "0"
          },
          {
            "model": "opc systems.net",
            "scope": null,
            "trust": 0.8,
            "vendor": "open automation",
            "version": null
          },
          {
            "model": "opcsystems.net",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "opcsystems",
            "version": null
          },
          {
            "model": "opcsystems.net",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "opcsystems",
            "version": "4.0"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          },
          {
            "db": "BID",
            "id": "51601"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004846"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201210-077"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:componentone:flexgrid",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:opcsystems:opcsystems.net",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004846"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Alexandr Polyakov from DSecRG",
        "sources": [
          {
            "db": "BID",
            "id": "51601"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2012-5311",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.3,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2012-5311",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2012-5311",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201210-077",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004846"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201210-077"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2012-0227.  Reason: This candidate is a duplicate of CVE-2012-0227.  Notes: All CVE users should reference CVE-2012-0227 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage. Open Automation Software OPC Systems.NET Used in ComponentOne FlexGrid of VSFlex7.VSFlexGrid ActiveX The control contains a buffer overflow vulnerability.By a third party Archive Denial of service via an excessively long archive filename argument to the method (DoS) Could be put into a state and execute arbitrary code. OPC Systems.NET is a .NET product for SCADA, HMI. The ComponentOne FlexGrid ActiveX control has a buffer overflow that allows an attacker to exploit a vulnerability to construct a malicious link that tricks the user into parsing and executing arbitrary code in the context of the application. ComponentOne FlexGrid ActiveX Control is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. \nComponentOne FlexGrid 7.1 is vulnerable; other versions may also be affected",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2012-5311"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004846"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          },
          {
            "db": "BID",
            "id": "51601"
          }
        ],
        "trust": 2.43
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2012-5311",
            "trust": 2.7
          },
          {
            "db": "BID",
            "id": "51601",
            "trust": 1.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004846",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339",
            "trust": 0.6
          },
          {
            "db": "XF",
            "id": "72604",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "21082",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201210-077",
            "trust": 0.6
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-12-012-01A",
            "trust": 0.3
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          },
          {
            "db": "BID",
            "id": "51601"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004846"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201210-077"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5311"
          }
        ]
      },
      "id": "VAR-201210-0405",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          }
        ],
        "trust": 1.1064814833333334
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "ICS"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          }
        ]
      },
      "last_update_date": "2024-08-14T14:28:06.335000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.componentone.com/"
          },
          {
            "title": "OPC SYSTEMS.NET",
            "trust": 0.8,
            "url": "http://www.opcsystems.net/opc_systems_net.htm"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004846"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004846"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.5,
            "url": "http://dsecrg.com/pages/vul/show.php?id=406"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5311"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5311"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/72604"
          },
          {
            "trust": 0.6,
            "url": "http://www.securityfocus.com/bid/51601"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/21082"
          },
          {
            "trust": 0.3,
            "url": "http://www.componentone.com/"
          },
          {
            "trust": 0.3,
            "url": "http://support.microsoft.com/kb/240797"
          },
          {
            "trust": 0.3,
            "url": "www.opcsystems.net"
          },
          {
            "trust": 0.3,
            "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-012-01a.pdf"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          },
          {
            "db": "BID",
            "id": "51601"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004846"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201210-077"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          },
          {
            "db": "BID",
            "id": "51601"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2012-004846"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201210-077"
          },
          {
            "db": "NVD",
            "id": "CVE-2012-5311"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-02-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          },
          {
            "date": "2012-01-20T00:00:00",
            "db": "BID",
            "id": "51601"
          },
          {
            "date": "2012-10-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-004846"
          },
          {
            "date": "2012-10-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201210-077"
          },
          {
            "date": "2012-10-08T17:55:01.010000",
            "db": "NVD",
            "id": "CVE-2012-5311"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2012-02-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          },
          {
            "date": "2012-10-10T18:20:00",
            "db": "BID",
            "id": "51601"
          },
          {
            "date": "2012-10-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2012-004846"
          },
          {
            "date": "2012-10-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201210-077"
          },
          {
            "date": "2023-11-07T02:12:31.027000",
            "db": "NVD",
            "id": "CVE-2012-5311"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201210-077"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "ComponentOne FlexGrid ActiveX Control Buffer Overflow Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2012-0339"
          },
          {
            "db": "BID",
            "id": "51601"
          }
        ],
        "trust": 0.9
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer overflow",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201210-077"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2015-7917 (GCVE-0-2015-7917)

    Vulnerability from nvd – Published: 2015-12-23 02:00 – Updated: 2024-08-06 08:06
    VLAI
    Summary
    Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2015-12-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T08:06:30.877Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "78909",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/78909"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-12-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-11-25T19:57:01.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "name": "78909",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/78909"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2015-7917",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "78909",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/78909"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2015-7917",
        "datePublished": "2015-12-23T02:00:00.000Z",
        "dateReserved": "2015-10-22T00:00:00.000Z",
        "dateUpdated": "2024-08-06T08:06:30.877Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-0227 (GCVE-0-2012-0227)

    Vulnerability from nvd – Published: 2012-10-12 20:00 – Updated: 2024-08-06 18:16
    VLAI
    Summary
    Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2012-01-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T18:16:19.833Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf"
              },
              {
                "name": "51601",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/51601"
              },
              {
                "name": "flexgrid-activex-bo(72604)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72604"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://dsecrg.com/pages/vul/show.php?id=406"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-01-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf"
            },
            {
              "name": "51601",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/51601"
            },
            {
              "name": "flexgrid-activex-bo(72604)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72604"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://dsecrg.com/pages/vul/show.php?id=406"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2012-0227",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf"
                },
                {
                  "name": "51601",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/51601"
                },
                {
                  "name": "flexgrid-activex-bo(72604)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72604"
                },
                {
                  "name": "http://dsecrg.com/pages/vul/show.php?id=406",
                  "refsource": "MISC",
                  "url": "http://dsecrg.com/pages/vul/show.php?id=406"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2012-0227",
        "datePublished": "2012-10-12T20:00:00.000Z",
        "dateReserved": "2011-12-21T00:00:00.000Z",
        "dateUpdated": "2024-08-06T18:16:19.833Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4871 (GCVE-0-2011-4871)

    Vulnerability from nvd – Published: 2012-04-18 10:00 – Updated: 2024-09-16 16:37
    VLAI
    Summary
    Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:16:34.977Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-04-18T10:00:00.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2011-4871",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2011-4871",
        "datePublished": "2012-04-18T10:00:00.000Z",
        "dateReserved": "2011-12-21T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:37:50.419Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-7917 (GCVE-0-2015-7917)

    Vulnerability from cvelistv5 – Published: 2015-12-23 02:00 – Updated: 2024-08-06 08:06
    VLAI
    Summary
    Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2015-12-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T08:06:30.877Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "78909",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/78909"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-12-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-11-25T19:57:01.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "name": "78909",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/78909"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "ID": "CVE-2015-7917",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Untrusted search path vulnerability in Open Automation OPC Systems.NET 8.00.0023 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "78909",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/78909"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-344-02"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2015-7917",
        "datePublished": "2015-12-23T02:00:00.000Z",
        "dateReserved": "2015-10-22T00:00:00.000Z",
        "dateUpdated": "2024-08-06T08:06:30.877Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-0227 (GCVE-0-2012-0227)

    Vulnerability from cvelistv5 – Published: 2012-10-12 20:00 – Updated: 2024-08-06 18:16
    VLAI
    Summary
    Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2012-01-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T18:16:19.833Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf"
              },
              {
                "name": "51601",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/51601"
              },
              {
                "name": "flexgrid-activex-bo(72604)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72604"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://dsecrg.com/pages/vul/show.php?id=406"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-01-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf"
            },
            {
              "name": "51601",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/51601"
            },
            {
              "name": "flexgrid-activex-bo(72604)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72604"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://dsecrg.com/pages/vul/show.php?id=406"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2012-0227",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf"
                },
                {
                  "name": "51601",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/51601"
                },
                {
                  "name": "flexgrid-activex-bo(72604)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72604"
                },
                {
                  "name": "http://dsecrg.com/pages/vul/show.php?id=406",
                  "refsource": "MISC",
                  "url": "http://dsecrg.com/pages/vul/show.php?id=406"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2012-0227",
        "datePublished": "2012-10-12T20:00:00.000Z",
        "dateReserved": "2011-12-21T00:00:00.000Z",
        "dateUpdated": "2024-08-06T18:16:19.833Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4871 (GCVE-0-2011-4871)

    Vulnerability from cvelistv5 – Published: 2012-04-18 10:00 – Updated: 2024-09-16 16:37
    VLAI
    Summary
    Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:16:34.977Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-04-18T10:00:00.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2011-4871",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Open Automation Software OPC Systems.NET before 5.0 allows remote attackers to cause a denial of service via a malformed .NET RPC packet on TCP port 58723."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf",
                  "refsource": "MISC",
                  "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2011-4871",
        "datePublished": "2012-04-18T10:00:00.000Z",
        "dateReserved": "2011-12-21T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:37:50.419Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }