Page 2 of 11 results (0.019 seconds)

CVSS: 9.3EPSS: 89%CPEs: 2EXPL: 0

Stack-based buffer overflow in CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 allows remote attackers to execute arbitrary code via a crafted 0x15 (aka Remove File) operation for a file with a long name. Un desbordamiento de búfer basado en la pila en CEServer.exe del componente CEServer en el módulo de agente remoto en InduSoft Web Studio v6.1 y v7.0 permite a atacantes remotos ejecutar código de su eelcción a través de una operación 0x15 (o sea la eliminación de un archivo) para un archivo con un nombre demasiado largo. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Indusoft WebStudio. Authentication is not required to exploit this vulnerability. The flaw exists within the CEServer component which is used as a runtime dependency for applications deployed using Indusoft WebStudio. When handling the Remove File operation (0x15) the process blindly copies user supplied data to a fixed-length buffer on the stack. • http://www.indusoft.com/hotfixes/hotfixes.php http://www.us-cert.gov/control_systems/pdf/ICSA-11-319-01.pdf http://www.zerodayinitiative.com/advisories/ZDI-11-329 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 49%CPEs: 2EXPL: 1

CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control. El componente de CEServer en el módulo de agente remoto en InduSoft Web Studio v6.1 y v7.0 no requiere autenticación, lo que permite a atacantes remotos ejecutar código de su elección a través de vectores relacionados con la creación de un archivo, la carga de un archivo DLL, y el control de procesos. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Indusoft Web Studio. Authentication is not required to exploit this vulnerability. The flaw exists within the Remote Agent component (CEServer.exe) which listens by default on TCP port 4322. When handling incoming requests the process fails to perform any type of authentication. • https://www.exploit-db.com/exploits/21837 http://www.indusoft.com/hotfixes/hotfixes.php http://www.us-cert.gov/control_systems/pdf/ICSA-11-319-01.pdf http://www.zerodayinitiative.com/advisories/ZDI-11-330 • CWE-287: Improper Authentication •

CVSS: 10.0EPSS: 5%CPEs: 1EXPL: 0

Multiple buffer overflows in the InduSoft ISSymbol ActiveX control in ISSymbol.ocx 301.1104.601.0 in InduSoft Web Studio 7.0B2 hotfix 7.0.01.04 allow remote attackers to execute arbitrary code via a long parameter to the (1) Open, (2) Close, or (3) SetCurrentLanguage method. Múltiples desbordamientos de buffer en el control ActiveX InduSoft ISSymbol en ISSymbol.ocx v301.1104.601.0 en InduSoft Web Studio v7.0B2 hotfix v7.0.01.04 permite a atacantes remotos ejecutar código de su elección a través de un parámetro largo en el método (1) Open, (2) Close, o (3) SetCurrentLanguage. • http://ics-cert.us-cert.gov/advisories/ICSA-11-273-02 http://secunia.com/advisories/44875 http://secunia.com/secunia_research/2011-61 http://www.indusoft.com/hotfixes/hotfixes.php http://www.securityfocus.com/bid/49403 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0

Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 6.1 and 7.x before 7.0+Patch 1 allows remote attackers to execute arbitrary code via an invalid request. Vulnerabilidad de salto de directorio en NTWebServer de InduSoft Web Studio 6.1 y 7.x anteriores a 7.0+Patch 1 permite a atacantes remotos ejecutar código arbitrario a través de una petición inválida. • http://www.indusoft.com/hotfixes/hotfixes.php • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.3EPSS: 85%CPEs: 5EXPL: 1

Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 301.1009.2904.0 in the ISSymbol virtual machine, as distributed in Advantech Studio 6.1 SP6 61.6.01.05, InduSoft Web Studio before 7.0+SP1, and InduSoft Thin Client 7.0, allow remote attackers to execute arbitrary code via a long (1) InternationalOrder, (2) InternationalSeparator, or (3) LogFileName property value; or (4) a long bstrFileName argument to the OpenScreen method. Múltiples desbordamientos de buffer en el control ActiveX ISSymbol de ISSymbol.ocx 61.6.0.0 y 301.1009.2904.0 de la máquina virtual ISSymbol, como se ha distribuído en Advantech Studio 6.1 SP6 61.6.01.05, InduSoft Web Studio anteriores a 7.0+SP1, y InduSoft Thin Client 7.0. Permite a atacantes remotos ejecutar código de su elección a través de los valores de propiedades extensos (1) InternationalOrder, (2) InternationalSeparator, o (3) LogFileName; o (4) un argumento bstrFileName extenso al método OpenScreen. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Indusoft Thin Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ISSymbol.ocx ActiveX component. • https://www.exploit-db.com/exploits/23500 http://ics-cert.us-cert.gov/advisories/ICSA-12-249-03 http://secunia.com/advisories/42928 http://secunia.com/advisories/43116 http://secunia.com/secunia_research/2011-36 http://secunia.com/secunia_research/2011-37 http://www.advantechdirect.com/eMarketingPrograms/AStudio_Patch/AStudio7.0_Patch_Final.htm http://www.indusoft.com/hotfixes/hotfixes.php http://www.securityfocus.com/bid/47596 http://www.us-cert.gov/control_systems/pdf/ICS • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •