ID

VAR-201201-0266


CVE

CVE-2011-4870


TITLE

Invensys Wonderware InBatch of ActiveX Control buffer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2012-001032

DESCRIPTION

Multiple buffer overflows in the (1) GUIControls, (2) BatchObjSrv, and (3) BatchSecCtrl ActiveX controls in Invensys Wonderware InBatch 9.0 and 9.0 SP1, and InBatch 8.1 SP1, 9.0 SP2, and 9.5 Server and Runtime Clients, allow remote attackers to execute arbitrary code via a long string in a property value, a different issue than CVE-2011-3141. Invensys Wonderware InBatch Server and runtime client (1) GUIControls , (2) BatchObjSrv ,and (3) BatchSecCtrl ActiveX The control contains a buffer overflow vulnerability. This vulnerability CVE-2011-3141 Is a different vulnerability.A third party may execute arbitrary code through an excessively long string of property values. Multiple stack-based buffer overflow vulnerabilities exist in Invensys Wonderware inBatch. An attacker could exploit this vulnerability to execute arbitrary code in the context of an application that uses ActiveX controls (usually Internet Explorer), which could result in a denial of service. Failed exploit attempts will result in a denial-of-service condition. Failure to do so may result in a denial of service

Trust: 2.88

sources: NVD: CVE-2011-4870 // JVNDB: JVNDB-2012-001032 // CNVD: CNVD-2011-5603 // BID: 51129 // IVD: 7d7340de-463f-11e9-9481-000c29342cb1 // IVD: 3d641ee0-2354-11e6-abef-000c29c66e3d // VULHUB: VHN-52815

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.0

sources: IVD: 7d7340de-463f-11e9-9481-000c29342cb1 // IVD: 3d641ee0-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-5603

AFFECTED PRODUCTS

vendor:invensysmodel:wonderware inbatchscope:eqversion:9.5

Trust: 3.3

vendor:invensysmodel:wonderware inbatchscope:eqversion:9.0

Trust: 2.7

vendor:invensysmodel:wonderware inbatchscope:eqversion:8.1

Trust: 1.9

vendor:wonderware inbatchmodel: - scope:eqversion:9.0

Trust: 1.2

vendor:invensysmodel:wonderware inbatchscope:eqversion:8.1 sp1

Trust: 0.8

vendor:invensysmodel:wonderware inbatchscope:eqversion:9.0 sp1

Trust: 0.8

vendor:invensysmodel:wonderware inbatchscope:eqversion:9.0 sp2

Trust: 0.8

vendor:wonderware inbatchmodel: - scope:eqversion:8.1

Trust: 0.4

vendor:wonderware inbatchmodel: - scope:eqversion:9.5

Trust: 0.4

vendor:invensysmodel:wonderware inbatch sp2scope:eqversion:9.0

Trust: 0.3

vendor:invensysmodel:wonderware inbatch sp1scope:eqversion:9.0

Trust: 0.3

vendor:invensysmodel:wonderware inbatch sp1scope:neversion:9.5

Trust: 0.3

vendor:invensysmodel:wonderware inbatch sp1scope:neversion:8.1

Trust: 0.3

sources: IVD: 7d7340de-463f-11e9-9481-000c29342cb1 // IVD: 3d641ee0-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-5603 // BID: 51129 // JVNDB: JVNDB-2012-001032 // CNNVD: CNNVD-201112-380 // NVD: CVE-2011-4870

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-4870
value: MEDIUM

Trust: 1.0

NVD: CVE-2011-4870
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2011-5603
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201112-380
value: MEDIUM

Trust: 0.6

IVD: 7d7340de-463f-11e9-9481-000c29342cb1
value: MEDIUM

Trust: 0.2

IVD: 3d641ee0-2354-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULHUB: VHN-52815
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2011-4870
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2011-5603
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 7d7340de-463f-11e9-9481-000c29342cb1
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 3d641ee0-2354-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-52815
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 7d7340de-463f-11e9-9481-000c29342cb1 // IVD: 3d641ee0-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-5603 // VULHUB: VHN-52815 // JVNDB: JVNDB-2012-001032 // CNNVD: CNNVD-201112-380 // NVD: CVE-2011-4870

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-52815 // JVNDB: JVNDB-2012-001032 // NVD: CVE-2011-4870

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201112-380

TYPE

Buffer overflow

Trust: 1.0

sources: IVD: 7d7340de-463f-11e9-9481-000c29342cb1 // IVD: 3d641ee0-2354-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201112-380

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-001032

PATCH

title:Top Pageurl:http://global.wonderware.com

Trust: 0.8

title:Wonderware 日本のパートナーurl:http://global.wonderware.com/JP/Pages/JpPartnersSI.aspx

Trust: 0.8

title:Wonderware Top Pageurl:http://global.wonderware.com/JP/pages/default.aspx

Trust: 0.8

title:Invensys Wonderware inBatch \342\200\230ActiveX\342\200\231 Control Buffer Overflow Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/35885

Trust: 0.6

sources: CNVD: CNVD-2011-5603 // JVNDB: JVNDB-2012-001032

EXTERNAL IDS

db:NVDid:CVE-2011-4870

Trust: 3.8

db:BIDid:51129

Trust: 2.6

db:ICS CERTid:ICSA-11-332-01A

Trust: 2.5

db:CNNVDid:CNNVD-201112-380

Trust: 1.1

db:CNVDid:CNVD-2011-5603

Trust: 1.0

db:JVNDBid:JVNDB-2012-001032

Trust: 0.8

db:ICS CERTid:ICSA-11-332-01

Trust: 0.3

db:IVDid:7D7340DE-463F-11E9-9481-000C29342CB1

Trust: 0.2

db:IVDid:3D641EE0-2354-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:VULHUBid:VHN-52815

Trust: 0.1

sources: IVD: 7d7340de-463f-11e9-9481-000c29342cb1 // IVD: 3d641ee0-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-5603 // VULHUB: VHN-52815 // BID: 51129 // JVNDB: JVNDB-2012-001032 // CNNVD: CNNVD-201112-380 // NVD: CVE-2011-4870

REFERENCES

url:http://www.us-cert.gov/control_systems/pdf/icsa-11-332-01a.pdf

Trust: 2.5

url:http://www.securityfocus.com/bid/51129

Trust: 2.3

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4870

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4870

Trust: 0.8

url:http://www.us-cert.gov/control_systems/pdf/icsa-11-332-01.pdf

Trust: 0.3

url:http://support.microsoft.com/kb/240797

Trust: 0.3

url:http://global.wonderware.com/en/pages/default.aspx

Trust: 0.3

sources: CNVD: CNVD-2011-5603 // VULHUB: VHN-52815 // BID: 51129 // JVNDB: JVNDB-2012-001032 // CNNVD: CNNVD-201112-380 // NVD: CVE-2011-4870

CREDITS

Kuang-Chun Hung of the Security Research and Service Institute-Information and Communication Security Technology Center

Trust: 0.9

sources: BID: 51129 // CNNVD: CNNVD-201112-380

SOURCES

db:IVDid:7d7340de-463f-11e9-9481-000c29342cb1
db:IVDid:3d641ee0-2354-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2011-5603
db:VULHUBid:VHN-52815
db:BIDid:51129
db:JVNDBid:JVNDB-2012-001032
db:CNNVDid:CNNVD-201112-380
db:NVDid:CVE-2011-4870

LAST UPDATE DATE

2024-11-23T22:08:59.313000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2011-5603date:2011-12-22T00:00:00
db:VULHUBid:VHN-52815date:2012-01-09T00:00:00
db:BIDid:51129date:2012-01-04T16:50:00
db:JVNDBid:JVNDB-2012-001032date:2012-01-11T00:00:00
db:CNNVDid:CNNVD-201112-380date:2011-12-22T00:00:00
db:NVDid:CVE-2011-4870date:2024-11-21T01:33:09.807

SOURCES RELEASE DATE

db:IVDid:7d7340de-463f-11e9-9481-000c29342cb1date:2011-12-22T00:00:00
db:IVDid:3d641ee0-2354-11e6-abef-000c29c66e3ddate:2011-12-22T00:00:00
db:CNVDid:CNVD-2011-5603date:2011-12-22T00:00:00
db:VULHUBid:VHN-52815date:2012-01-08T00:00:00
db:BIDid:51129date:2011-12-20T00:00:00
db:JVNDBid:JVNDB-2012-001032date:2012-01-11T00:00:00
db:CNNVDid:CNNVD-201112-380date:1900-01-01T00:00:00
db:NVDid:CVE-2011-4870date:2012-01-08T00:55:02.130