Details of VAR-201012-0059

ID

VAR-201012-0059

CVE

CVE-2010-4597

TITLE

Ecava IntegraXor Remote Stack Buffer Overflow Vulnerability

Trust: 1.0

sources: IVD: 7d7abaf0-463f-11e9-af73-000c29342cb1 // IVD: 7c5841ba-1fa5-11e6-abef-000c29c66e3d // CNVD: CNVD-2010-3307

DESCRIPTION

Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX control in igcomm.dll in Ecava IntegraXor Human-Machine Interface (HMI) before 3.5.3900.10 allows remote attackers to execute arbitrary code via a long string in the second argument. Ecava IntegraXor Contains a buffer overflow vulnerability. Ecava IntegraXor Is 1024 Writing over bytes can cause a buffer overflow on the stack.Ecava IntegraXor Service disruption by a third party with access to (DoS) An attacker may be able to attack or execute arbitrary code. Ecava IntegraXor is a human interface product that uses HTML and SVG. When sending a request that exceeds 1024 bytes, IntegraXor will write out the buffer and destroy the memory. Successful exploitation of a vulnerability can execute arbitrary instructions in an application security context. Ecava IntegraXor is prone to a remote stack-based buffer-overflow vulnerability. Failed exploit attempts will result in a denial-of-service condition. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: IntegraXor Project ActiveX Control Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42650 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42650/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42650 RELEASE DATE: 2010-12-27 DISCUSS ADVISORY: http://secunia.com/advisories/42650/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42650/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42650 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in IntegraXor, which can be exploited by malicious people to compromise a user's system. The vulnerability is confirmed in version 3.5.3900.5. Other versions may also be affected. SOLUTION: Update to version 3.5.3900.10 or later. PROVIDED AND/OR DISCOVERED BY: Jeremy Brown ORIGINAL ADVISORY: IntegraXor: http://www.integraxor.com/blog/integraxor-3-5-scada-security-issue-20101006-0109-vulnerability-note OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 3.87

sources: NVD: CVE-2010-4597 // CERT/CC: VU#603928 // JVNDB: JVNDB-2010-002661 // CNVD: CNVD-2010-3307 // BID: 45487 // IVD: 8881ea8c-2355-11e6-abef-000c29c66e3d // IVD: 7d7abaf0-463f-11e9-af73-000c29342cb1 // IVD: 7c5841ba-1fa5-11e6-abef-000c29c66e3d // VULMON: CVE-2010-4597 // PACKETSTORM: 97061

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 1.2

sources: IVD: 8881ea8c-2355-11e6-abef-000c29c66e3d // IVD: 7d7abaf0-463f-11e9-af73-000c29342cb1 // IVD: 7c5841ba-1fa5-11e6-abef-000c29c66e3d // CNVD: CNVD-2010-3307

AFFECTED PRODUCTS

vendor:	ecava	model:	integraxor	scope:	eq	version:	3.5.3900.5	Trust: 1.5
vendor:	ecava	model:	integraxor	scope:	lte	version:	3.5.3900.5	Trust: 1.0
vendor:	ecava	model:	integraxor	scope:	eq	version:	3.5	Trust: 0.9
vendor:	ecava	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	ecava	model:	integraxor	scope:	lt	version:	v3.5 (build 3900.10) earlier	Trust: 0.8
vendor:	integraxor	model:	-	scope:	eq	version:	*	Trust: 0.6
vendor:	ecava	model:	integraxor	scope:	ne	version:	3.5.3900.10	Trust: 0.3

sources: IVD: 8881ea8c-2355-11e6-abef-000c29c66e3d // IVD: 7d7abaf0-463f-11e9-af73-000c29342cb1 // IVD: 7c5841ba-1fa5-11e6-abef-000c29c66e3d // CERT/CC: VU#603928 // CNVD: CNVD-2010-3307 // BID: 45487 // JVNDB: JVNDB-2010-002661 // CNNVD: CNNVD-201012-313 // NVD: CVE-2010-4597

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2010-4597
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#603928
value:	21.83
Trust: 0.8
NVD:	CVE-2010-4597
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201012-313
value:	CRITICAL
Trust: 0.6
IVD:	8881ea8c-2355-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2
IVD:	7d7abaf0-463f-11e9-af73-000c29342cb1
value:	CRITICAL
Trust: 0.2
IVD:	7c5841ba-1fa5-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2
VULMON:	CVE-2010-4597
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2010-4597
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
IVD:	8881ea8c-2355-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	7d7abaf0-463f-11e9-af73-000c29342cb1
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	7c5841ba-1fa5-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: 8881ea8c-2355-11e6-abef-000c29c66e3d // IVD: 7d7abaf0-463f-11e9-af73-000c29342cb1 // IVD: 7c5841ba-1fa5-11e6-abef-000c29c66e3d // CERT/CC: VU#603928 // VULMON: CVE-2010-4597 // JVNDB: JVNDB-2010-002661 // CNNVD: CNNVD-201012-313 // NVD: CVE-2010-4597

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2010-002661 // NVD: CVE-2010-4597

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201012-313

TYPE

Buffer overflow

Trust: 1.2

sources: IVD: 8881ea8c-2355-11e6-abef-000c29c66e3d // IVD: 7d7abaf0-463f-11e9-af73-000c29342cb1 // IVD: 7c5841ba-1fa5-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201012-313

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-002661

EXPLOIT AVAILABILITY

sources: VULMON: CVE-2010-4597

PATCH

title:	IntegraXor 3.5 SCADA Security Issue 20101006-0109 Vulnerability Note	url:	http://www.integraxor.com/blog/integraxor-3-5-scada-security-issue-20101006-0109-vulnerability-note	Trust: 0.8
title:	Patch for Ecava IntegraXor Remote Stack Buffer Overflow Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/2206	Trust: 0.6

sources: CNVD: CNVD-2010-3307 // JVNDB: JVNDB-2010-002661

EXTERNAL IDS

db:	CERT/CC	id:	VU#603928	Trust: 4.2
db:	NVD	id:	CVE-2010-4597	Trust: 3.4
db:	BID	id:	45487	Trust: 3.4
db:	ICS CERT	id:	ICSA-10-322-01	Trust: 2.8
db:	VUPEN	id:	ADV-2010-3275	Trust: 2.5
db:	SECUNIA	id:	42650	Trust: 2.0
db:	EXPLOIT-DB	id:	15767	Trust: 1.7
db:	CNNVD	id:	CNNVD-201012-313	Trust: 1.2
db:	CNVD	id:	CNVD-2010-3307	Trust: 1.0
db:	JVNDB	id:	JVNDB-2010-002661	Trust: 0.8
db:	NSFOCUS	id:	16220	Trust: 0.6
db:	IVD	id:	8881EA8C-2355-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	IVD	id:	7D7ABAF0-463F-11E9-AF73-000C29342CB1	Trust: 0.2
db:	IVD	id:	7C5841BA-1FA5-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULMON	id:	CVE-2010-4597	Trust: 0.1
db:	PACKETSTORM	id:	97061	Trust: 0.1

sources: IVD: 8881ea8c-2355-11e6-abef-000c29c66e3d // IVD: 7d7abaf0-463f-11e9-af73-000c29342cb1 // IVD: 7c5841ba-1fa5-11e6-abef-000c29c66e3d // CERT/CC: VU#603928 // CNVD: CNVD-2010-3307 // VULMON: CVE-2010-4597 // BID: 45487 // JVNDB: JVNDB-2010-002661 // PACKETSTORM: 97061 // CNNVD: CNNVD-201012-313 // NVD: CVE-2010-4597

REFERENCES

url:	http://www.kb.cert.org/vuls/id/603928	Trust: 2.8
url:	http://www.us-cert.gov/control_systems/pdf/icsa-10-322-01.pdf	Trust: 2.8
url:	http://www.securityfocus.com/bid/45487	Trust: 2.6
url:	http://www.vupen.com/english/advisories/2010/3275	Trust: 2.5
url:	http://secunia.com/advisories/42650	Trust: 1.9
url:	http://www.integraxor.com/blog/integraxor-3-5-scada-security-issue-20101006-0109-vulnerability-note	Trust: 1.8
url:	http://www.exploit-db.com/exploits/15767	Trust: 1.7
url:	about vulnerability notes	Trust: 0.8
url:	contact us about this vulnerability	Trust: 0.8
url:	provide a vendor statement	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4597	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu603928	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4597	Trust: 0.8
url:	http://www.kb.cert.org/vuls/id/603928http	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/16220	Trust: 0.6
url:	http://www.ecava.com/index.htm	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.exploit-db.com/exploits/15767/	Trust: 0.1
url:	http://secunia.com/products/corporate/evm/	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/advisories/42650/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/products/corporate/vim/	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=42650	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/42650/#comments	Trust: 0.1

sources: CERT/CC: VU#603928 // CNVD: CNVD-2010-3307 // VULMON: CVE-2010-4597 // BID: 45487 // JVNDB: JVNDB-2010-002661 // PACKETSTORM: 97061 // CNNVD: CNNVD-201012-313 // NVD: CVE-2010-4597

CREDITS

Jeremy Brown

Trust: 0.3

sources: BID: 45487

SOURCES

db:	IVD	id:	8881ea8c-2355-11e6-abef-000c29c66e3d
db:	IVD	id:	7d7abaf0-463f-11e9-af73-000c29342cb1
db:	IVD	id:	7c5841ba-1fa5-11e6-abef-000c29c66e3d
db:	CERT/CC	id:	VU#603928
db:	CNVD	id:	CNVD-2010-3307
db:	VULMON	id:	CVE-2010-4597
db:	BID	id:	45487
db:	JVNDB	id:	JVNDB-2010-002661
db:	PACKETSTORM	id:	97061
db:	CNNVD	id:	CNNVD-201012-313
db:	NVD	id:	CVE-2010-4597

LAST UPDATE DATE

2025-04-11T23:16:48.833000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#603928	date:	2010-12-21T00:00:00
db:	CNVD	id:	CNVD-2010-3307	date:	2010-12-21T00:00:00
db:	VULMON	id:	CVE-2010-4597	date:	2011-01-11T00:00:00
db:	BID	id:	45487	date:	2015-04-13T21:02:00
db:	JVNDB	id:	JVNDB-2010-002661	date:	2011-01-20T00:00:00
db:	CNNVD	id:	CNNVD-201012-313	date:	2010-12-27T00:00:00
db:	NVD	id:	CVE-2010-4597	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	IVD	id:	8881ea8c-2355-11e6-abef-000c29c66e3d	date:	2010-12-24T00:00:00
db:	IVD	id:	7d7abaf0-463f-11e9-af73-000c29342cb1	date:	2010-12-21T00:00:00
db:	IVD	id:	7c5841ba-1fa5-11e6-abef-000c29c66e3d	date:	2010-12-21T00:00:00
db:	CERT/CC	id:	VU#603928	date:	2010-12-17T00:00:00
db:	CNVD	id:	CNVD-2010-3307	date:	2010-12-21T00:00:00
db:	VULMON	id:	CVE-2010-4597	date:	2010-12-23T00:00:00
db:	BID	id:	45487	date:	2010-12-16T00:00:00
db:	JVNDB	id:	JVNDB-2010-002661	date:	2011-01-20T00:00:00
db:	PACKETSTORM	id:	97061	date:	2010-12-27T07:39:20
db:	CNNVD	id:	CNNVD-201012-313	date:	2010-12-24T00:00:00
db:	NVD	id:	CVE-2010-4597	date:	2010-12-23T18:00:03.823