Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and previous versions, Foxboro Control Software 3.1 and previous versions, InFusion CE/FE/SCADA 2.5 and previous versions, Wonderware Information Server 4.5 and previous versions, ArchestrA Application Object Toolkit 3.2 and previous versions, and InTouch 10.0 up to and including 10.5 might allow remote malicious users to execute arbitrary code via a long string to the Open member, leading to a function-pointer overwrite.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
invensys wonderware application server |
||
invensys wonderware information server |
||
invensys infusion scada |
||
invensys archestra application object toolkit |
||
invensys intouch 10.0 |
||
invensys wonderware information server 4.0 |
||
invensys intouch 10.5 |
||
invensys infusion control edition |
||
invensys infusion foundation edition |
||
invensys wonderware information server 3.1 |
||
invensys foxboro control software |
Vulmon