CVE-2012-0227
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Buffer overflow in the VSFlex7.VSFlexGrid ActiveX control in ComponentOne FlexGrid 7.1, as used in Open Automation Software OPC Systems.NET, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long archive file name argument to the Archive method.
Desbordamiento de búfer en el control ActiveX VSFlex7.VSFlexGrid en ComponentOne FlexGrid v7.1, como el usado en Open Automation Software OPC Systems.NET, permite a atacantes remotos provocar una denegación de servicio (caída) o ejecutar código de su elección mediante un nombre del fichero largo como argumento sobre el método Archive.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-12-21 CVE Reserved
- 2012-10-12 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- 2024-10-31 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/51601 | Vdb Entry | |
| http://www.us-cert.gov/control_systems/pdf/ICSA-12-012-01A.pdf | Us Government Resource | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/72604 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| http://dsecrg.com/pages/vul/show.php?id=406 | 2024-08-06 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Componentone Search vendor "Componentone" | Flexgrid Search vendor "Componentone" for product "Flexgrid" | 7.1 Search vendor "Componentone" for product "Flexgrid" and version "7.1" | - |
Affected
| ||||||
| Opcsystems Search vendor "Opcsystems" | Opcsystems.net Search vendor "Opcsystems" for product "Opcsystems.net" | <= 4.0 Search vendor "Opcsystems" for product "Opcsystems.net" and version " <= 4.0" | - |
Affected
| ||||||
| Opcsystems Search vendor "Opcsystems" | Opcsystems.net Search vendor "Opcsystems" for product "Opcsystems.net" | - | - |
Affected
| ||||||