CVE-2013-2796
https://notcve.org/view.php?id=CVE-2013-2796
Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA 7.20 and earlier allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Schneider Electric Vijeo Citect v7.20 y anteriores, CitectSCADA v7.20 y anteriores, y PowerLogic SCADA v7.20 y anteriores, permite a atacantes remotos leer ficheros, enviar peticiones HTTP a servidores intranet, o causar una denegación del servicio (consumo de CPU y memoria) a través de fichero XML que contiene una declaración de entidad externa, junto con una referencia de entidad, en relación con un fallo en XML External Entity (XXE). • http://ics-cert.us-cert.gov/advisories/ICSA-13-217-02 http://www.citect.schneider-electric.com/cs-HF720SP459363 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2013-3075 – Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' 'WzTitle' Remote Heap Spray
https://notcve.org/view.php?id=CVE-2013-3075
Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX Component 3, as distributed in Citect CitectFacilities 7.10 and CitectScada 7.10r1, allow remote attackers to execute arbitrary code via a long string, as demonstrated by a long WzTitle property value to a certain ActiveX control. Múltiples desbordamientos de búfer en ActUWzd.dll v1.0.0.1 en Mitsubishi MX componente 3, que distribuye en CitectFacilities Citect v7.10 y CitectSCADA v7.10r1, permite a atacantes remotos ejecutar código arbitrario a través de una cadena larga, como lo demuestra con un valor largo de la propiedad WzTitle a un determinado ActiveX control. • https://www.exploit-db.com/exploits/24886 http://www.exploit-db.com/exploits/24886 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-5163
https://notcve.org/view.php?id=CVE-2011-5163
Buffer overflow in an unspecified third-party component in the Batch module for Schneider Electric CitectSCADA before 7.20 and Mitsubishi MX4 SCADA before 7.20 allows local users to execute arbitrary code via a long string in a login sequence. Desbordamiento de búfer en un componente de terceros no especificado en el módulo de ejecución por lote para Schneider Electric CitectSCADA anterior a v7.20 y Mitsubishi MX4 SCADA anterior a v7.20 permite a usuarios locales ejecutar código arbitrario a través de una cadena larga en una secuencia de acceso. • http://secunia.com/advisories/46779 http://secunia.com/advisories/46786 http://www.citect.com/citectscada-batch http://www.osvdb.org/76937 http://www.securitytracker.com/id?1026306 http://www.us-cert.gov/control_systems/pdf/ICSA-11-279-02.pdf https://my.mitsubishi-automation.com/downloads_show.php?portal_id=1&doc_type=safety&scat=2&sstr=MX4%2CSCADA • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •