CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2013-0654
https://notcve.org/view.php?id=CVE-2013-0654
CimWebServer in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary commands or cause a denial of service (daemon crash) via a crafted packet. CimWebServer en GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY v4.01 a la v8.0, y Proficy Process Systems con CIMPLICITY, permite a atacantes remotos ejecutar comandos arbitrarios o causar una denegación de servicio (caída del demonio) a través de un paquete manipulado. • http://www.us-cert.gov/control_systems/pdf/ICSA-13-022-02.pdf • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2012-4689
https://notcve.org/view.php?id=CVE-2012-4689
Integer overflow in CimWebServer.exe in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to cause a denial of service (daemon crash) via a malformed HTTP request. Un desbordamiento de entero en CimWebServer.exe en GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY v4.01 hasta la v8.0, y Proficy Process Systems con CIMPLICITY, permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de una petición HTTP con formato incorrecto. • http://support.ge-ip.com/support/index?page=kbchannel&id=S:KB15153 http://www.us-cert.gov/control_systems/pdf/ICSA-12-341-01.pdf • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 31%CPEs: 2EXPL: 0CVE-2008-0176
https://notcve.org/view.php?id=CVE-2008-0176
Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to execute arbitrary code via unknown vectors. Desbordamiento de búfer basado en montículo en w32rtr.exe de GE Fanuc CIMPLICITY HMI SCADA system 7.0 versiones anteriores a 7.0 SIM 9, y versiones anteriores a 6.1 SP6 Hot fix - 010708_162517_6106, permite a atacantes remotos ejecutar código de su elección mediante vectores desconocidos. • http://secunia.com/advisories/28663 http://securityreason.com/securityalert/3592 http://support.gefanuc.com/support/index?page=kbchannel&id=KB12458 http://www.kb.cert.org/vuls/id/308556 http://www.securityfocus.com/archive/1/487076/100/0/threaded http://www.securityfocus.com/archive/1/487241/100/0/threaded http://www.securityfocus.com/bid/27447 http://www.securitytracker.com/id?1019275 http://www.vupen.com/english/advisories/2008/0306 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •