CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2012-4713
https://notcve.org/view.php?id=CVE-2012-4713
Integer signedness error in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage or RNADiagReceiver.exe daemon crash) via UDP data that specifies a negative integer value. Error de signo Integer en RNADiagnostics.dll de Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1 y CPR9-SR6 permite a atacantes remotos provocar una denegación de servicio (interrupción del servicio o la caída del demonio RNADiagReceiver.exe) a través de los datos de UDP que especifica un valor entero negativo. • http://ics-cert.us-cert.gov/pdf/ICSA-13-095-02.pdf https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599 • CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2012-4714
https://notcve.org/view.php?id=CVE-2012-4714
Integer overflow in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage or RNADiagReceiver.exe daemon crash) via UDP data that specifies a large integer value. Desbordamiento de entero en RNADiagnostics.dll de Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, y CPR9-SR6 permite a atacantes remotos causar una denegación de servicio (interrupción del servicio o la caída del demonio RNADiagReceiver.exe) a través de los datos de UDP que especifica un gran valor entero. • http://ics-cert.us-cert.gov/pdf/ICSA-13-095-02.pdf https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599 • CWE-189: Numeric Errors •
CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 0CVE-2012-0222
https://notcve.org/view.php?id=CVE-2012-0222
The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 through SR5 and RSLogix 5000 17 through 20 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted packet. El servicio FactoryTalk (FT) RNADiagReceiver en Rockwell Automation Allen-Bradley FactoryTalk CPR9 hasta SR5 y RSLogix 5000 17 hasta 20 permite a atacantes remotos provocar una denegación de servicio (lectura fuera del límite) a través de un paquete manipulado. • http://rockwellautomation.custhelp.com/app/answers/detail/a_id/469937 http://www.us-cert.gov/control_systems/pdf/ICSA-12-088-01.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 76%CPEs: 6EXPL: 1CVE-2012-0221 – Rockwell Automation FactoryTalk Activation Server - Multiple Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-0221
The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 through SR5 and RSLogix 5000 17 through 20 does not properly handle the return value from an unspecified function, which allows remote attackers to cause a denial of service (service outage) via a crafted packet. El servicio FactoryTalk (FT) RNADiagReceiver en Rockwell Automation Allen-Bradley FactoryTalk CPR9 hasta SR5 y RSLogix 5000 17 hasta 20 no gestiona de forma adecuada el valor de retorno de una función específica, lo que permite a atacantes remotos provocar una denegación de servicio (corte de servicio) a través de un paquete manipulado. • https://www.exploit-db.com/exploits/36570 http://rockwellautomation.custhelp.com/app/answers/detail/a_id/469937 http://www.us-cert.gov/control_systems/pdf/ICSA-12-088-01.pdf • CWE-20: Improper Input Validation •