CVE-2012-1801

Severity Score

7.7

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Multiple stack-based buffer overflows in (1) COM and (2) ActiveX controls in ABB WebWare Server, WebWare SDK, Interlink Module, S4 OPC Server, QuickTeach, RobotStudio S4, and RobotStudio Lite allow remote attackers to execute arbitrary code via crafted input data.

Múltiples desbordamientos de búfer basados ??en la pila en controles (1) COM y (2) ActiveX en ABB WebWare Server SDK WebWare, Módulo de Interlink, S4 Servidor OPC, QuickTeach, S4 RobotStudio y RobotStudio Lite permite a atacantes remotos ejecutar código arbitrario a través de la entrada modificada.

*Credits: N/A

CVSS Scores

NISTv2 7.7

Attack Vector

Adjacent

Attack Complexity

Low

Authentication

Single

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2012-03-21 CVE Reserved
2012-04-18 CVE Published
2024-05-07 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CAPEC

References (4)

URL	Tag	Source
http://secunia.com/advisories/48693	Third Party Advisory
http://www.securityfocus.com/bid/52888	Vdb Entry
http://www.us-cert.gov/control_systems/pdf/ICSA-12-095-01A.pdf	Us Government Resource
http://www05.abb.com/global/scot/scot348.nsf/veritydisplay/35df9dc4a94ae83ac12579ca0043acc1/%24file/SI10231A2%20rev%200.pdf	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Abb Search vendor "Abb"		Interlink Module Search vendor "Abb" for product "Interlink Module"				-		-		Affected
Abb Search vendor "Abb"		Quickteach Search vendor "Abb" for product "Quickteach"				-		-		Affected
Abb Search vendor "Abb"		Robotstudio Lite Search vendor "Abb" for product "Robotstudio Lite"				-		-		Affected
Abb Search vendor "Abb"		Robotstudio S4 Search vendor "Abb" for product "Robotstudio S4"				-		-		Affected
Abb Search vendor "Abb"		S4 Opc Server Search vendor "Abb" for product "S4 Opc Server"				-		-		Affected
Abb Search vendor "Abb"		Webware Sdk Search vendor "Abb" for product "Webware Sdk"				-		-		Affected
Abb Search vendor "Abb"		Webware Server Search vendor "Abb" for product "Webware Server"				-		-		Affected