3 results (0.016 seconds)

CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0

A Stack-Based Buffer Overflow issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The stack-based buffer overflow vulnerability has been identified, which may allow a remote attacker to execute arbitrary code in the context of a highly privileged account. Un problema de buffer-overflow en la pila fue descubierto en Schneider Electric Wonderware ArchestrA Logger, en su versión 2017.426.2307.1 y anteriores. La vulnerabilidad de buffer overflow basado en pila ha sido descubierta, lo que podría permitir a un atacante remoto ejecutar código aleatorio en el contexto de una cuenta con altos privilegios. • http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000116 http://www.securityfocus.com/bid/99488 http://www.securitytracker.com/id/1038836 https://ics-cert.us-cert.gov/advisories/ICSA-17-187-04 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

A Null Pointer Dereference issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The null pointer dereference vulnerability could allow an attacker to crash the logger process, causing a denial of service for logging and log-viewing (applications that use the Wonderware ArchestrA Logger continue to run when the Wonderware ArchestrA Logger service is unavailable). Un problema de desreferencia de un puntero NULL fue descubierto en Schneider Electric Wonderware ArchestrA Logger, en sus versiones 2017.426.2307.1 y anteriores. La vulnerabilidad de desreferencia a un puntero NULL podría permitir a un atacante hacer caer el proceso logger, causando una denegación de servicio para el loggin y el log-viewing (las aplicaciones que usan Wonderware ArchestrA Logger continua ejecutandose cuando el servicioWonderware ArchestrA Logger esta inhabilitado) • http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000116 http://www.securityfocus.com/bid/99488 http://www.securitytracker.com/id/1038836 https://ics-cert.us-cert.gov/advisories/ICSA-17-187-04 • CWE-476: NULL Pointer Dereference •

CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0

An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The uncontrolled resource consumption vulnerability could allow an attacker to exhaust the memory resources of the machine, causing a denial of service. Un problema de consumo incontrolable de recursos fue descubierto en Schneider Electric Wonderware ArchestrA Logger, en su versión 2017.426.2307.1 y anteriores. La vulnerabilidad de consumo incontrolable de recursos podía permitir a un atacante agotar la fuente de memoria de la máquina causando una denegación de servicio. • http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000116 http://www.securityfocus.com/bid/99488 http://www.securitytracker.com/id/1038836 https://ics-cert.us-cert.gov/advisories/ICSA-17-187-04 • CWE-400: Uncontrolled Resource Consumption •