ID

VAR-201204-0057


CVE

CVE-2011-5088


TITLE

ICONICS IcoSetServer ActiveX Control Trusted Space Any Domain Name Injection Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2011-6116 // CNNVD: CNNVD-201108-547

DESCRIPTION

The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32 9.21 and BizViz 9.21 configures the trusted zone on the basis of user input, which allows remote attackers to execute arbitrary code via a crafted web site, related to a "Workbench32/WebHMI component SetTrustedZone Policy vulnerability.". ICONICS is a company specializing in providing OPC-based visualization software. GENESIS32 is prone to a remote security vulnerability. Failed exploit attempts will likely cause denial-of-service conditions. This may potentially allow for the execution of arbitrary code. ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: ICONICS IcoSetServer ActiveX Control Trusted Zone Policy Manipulation SECUNIA ADVISORY ID: SA45847 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45847/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45847 RELEASE DATE: 2011-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/45847/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45847/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45847 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the ICONICS IcoSetServer ActiveX Control, which can be exploited by malicious people to manipulate certain data. The vulnerability is reported in version 9.21. Other versions may also be affected. SOLUTION: Apply patch or update to version 9.22. PROVIDED AND/OR DISCOVERED BY: Billy Rios and Terry McCorkle via ICS-CERT. ORIGINAL ADVISORY: ICONICS: http://www.iconics.com/certs ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-11-182-01.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 4.05

sources: NVD: CVE-2011-5088 // JVNDB: JVNDB-2011-005040 // CNVD: CNVD-2011-3478 // CNVD: CNVD-2011-6116 // BID: 79756 // BID: 49406 // IVD: 7d7c4190-463f-11e9-b3f2-000c29342cb1 // IVD: 0347c63a-1f8a-11e6-abef-000c29c66e3d // IVD: f06efdd0-2353-11e6-abef-000c29c66e3d // IVD: 56e4b816-1f8a-11e6-abef-000c29c66e3d // PACKETSTORM: 104702

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 2.0

sources: IVD: 7d7c4190-463f-11e9-b3f2-000c29342cb1 // IVD: 0347c63a-1f8a-11e6-abef-000c29c66e3d // IVD: f06efdd0-2353-11e6-abef-000c29c66e3d // IVD: 56e4b816-1f8a-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-3478 // CNVD: CNVD-2011-6116

AFFECTED PRODUCTS

vendor:iconicsmodel:genesis32scope:eqversion:9.21

Trust: 3.8

vendor:iconicsmodel:bizvizscope:eqversion:9.21

Trust: 3.6

vendor:iconicsmodel:icosetserver activex controlscope:eqversion:9.21

Trust: 0.6

vendor:nomodel: - scope: - version: -

Trust: 0.6

vendor:iconicsmodel:genesis32scope:eqversion:9.21.201.01

Trust: 0.3

vendor:iconicsmodel:genesis32scope:eqversion:0

Trust: 0.3

vendor:iconicsmodel:genesis32scope:neversion:9.22

Trust: 0.3

vendor:iconicsmodel:bizvizscope:neversion:9.22

Trust: 0.3

vendor:bizvizmodel: - scope:eqversion:9.21

Trust: 0.2

vendor:genesis32model: - scope:eqversion:9.21

Trust: 0.2

vendor:iconicsmodel:icosetserver activex controlscope:eqversion:9.21*

Trust: 0.2

vendor:iconicsmodel:bizvizscope:eqversion:9.21*

Trust: 0.2

sources: IVD: f06efdd0-2353-11e6-abef-000c29c66e3d // IVD: 56e4b816-1f8a-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-3478 // CNVD: CNVD-2011-6116 // BID: 79756 // BID: 49406 // JVNDB: JVNDB-2011-005040 // CNNVD: CNNVD-201204-417 // NVD: CVE-2011-5088

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-5088
value: HIGH

Trust: 1.0

NVD: CVE-2011-5088
value: HIGH

Trust: 0.8

CNVD: CNVD-2011-6116
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201204-417
value: CRITICAL

Trust: 0.6

IVD: 7d7c4190-463f-11e9-b3f2-000c29342cb1
value: HIGH

Trust: 0.2

IVD: 0347c63a-1f8a-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

IVD: f06efdd0-2353-11e6-abef-000c29c66e3d
value: CRITICAL

Trust: 0.2

IVD: 56e4b816-1f8a-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

nvd@nist.gov: CVE-2011-5088
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2011-6116
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 7d7c4190-463f-11e9-b3f2-000c29342cb1
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 0347c63a-1f8a-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: f06efdd0-2353-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 56e4b816-1f8a-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 7.0
vectorString: AV:N/AC:M/AU:S/C:P/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.8
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0 [IVD]

Trust: 0.2

sources: IVD: 7d7c4190-463f-11e9-b3f2-000c29342cb1 // IVD: 0347c63a-1f8a-11e6-abef-000c29c66e3d // IVD: f06efdd0-2353-11e6-abef-000c29c66e3d // IVD: 56e4b816-1f8a-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-6116 // JVNDB: JVNDB-2011-005040 // CNNVD: CNNVD-201204-417 // NVD: CVE-2011-5088

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-DesignError

Trust: 0.8

sources: JVNDB: JVNDB-2011-005040 // NVD: CVE-2011-5088

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201108-547 // CNNVD: CNNVD-201204-417

TYPE

Design error

Trust: 1.1

sources: IVD: f06efdd0-2353-11e6-abef-000c29c66e3d // BID: 49406 // CNNVD: CNNVD-201204-417

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-005040

PATCH

title:CERT Security Updateurl:http://www.iconics.com/certs

Trust: 0.8

title:\302\240ICONICS IcoSetServer ActiveX Control Trust Domain Policy Operation Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/4983

Trust: 0.6

title:ICONICS IcoSetServer ActiveX Control Trusted Space Any Domain Name Injection Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/36330

Trust: 0.6

sources: CNVD: CNVD-2011-3478 // CNVD: CNVD-2011-6116 // JVNDB: JVNDB-2011-005040

EXTERNAL IDS

db:ICS CERTid:ICSA-11-182-01

Trust: 3.1

db:NVDid:CVE-2011-5088

Trust: 2.9

db:BIDid:49406

Trust: 1.5

db:CNVDid:CNVD-2011-6116

Trust: 1.0

db:CNNVDid:CNNVD-201204-417

Trust: 0.8

db:CNVDid:CNVD-2011-3478

Trust: 0.8

db:SECUNIAid:45847

Trust: 0.8

db:JVNDBid:JVNDB-2011-005040

Trust: 0.8

db:CNNVDid:CNNVD-201108-547

Trust: 0.6

db:BIDid:79756

Trust: 0.3

db:IVDid:7D7C4190-463F-11E9-B3F2-000C29342CB1

Trust: 0.2

db:IVDid:0347C63A-1F8A-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:F06EFDD0-2353-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:56E4B816-1F8A-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:PACKETSTORMid:104702

Trust: 0.1

sources: IVD: 7d7c4190-463f-11e9-b3f2-000c29342cb1 // IVD: 0347c63a-1f8a-11e6-abef-000c29c66e3d // IVD: f06efdd0-2353-11e6-abef-000c29c66e3d // IVD: 56e4b816-1f8a-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-3478 // CNVD: CNVD-2011-6116 // BID: 79756 // BID: 49406 // JVNDB: JVNDB-2011-005040 // PACKETSTORM: 104702 // CNNVD: CNNVD-201108-547 // CNNVD: CNNVD-201204-417 // NVD: CVE-2011-5088

REFERENCES

url:http://www.us-cert.gov/control_systems/pdf/icsa-11-182-01.pdf

Trust: 3.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-5088

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-5088

Trust: 0.8

url:http://secunia.com/advisories/45847/

Trust: 0.7

url:http://www.securityfocus.com/bid/49406/

Trust: 0.6

url:http://www.securityfocus.com/bid/49406

Trust: 0.6

url:http://www.iconics.com/

Trust: 0.3

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=45847

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:http://secunia.com/blog/242

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://www.iconics.com/certs

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/45847/#comments

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: CNVD: CNVD-2011-3478 // CNVD: CNVD-2011-6116 // BID: 79756 // BID: 49406 // JVNDB: JVNDB-2011-005040 // PACKETSTORM: 104702 // CNNVD: CNNVD-201108-547 // CNNVD: CNNVD-201204-417 // NVD: CVE-2011-5088

CREDITS

Billy Rios and Terry McCorkle

Trust: 0.9

sources: BID: 49406 // CNNVD: CNNVD-201108-547

SOURCES

db:IVDid:7d7c4190-463f-11e9-b3f2-000c29342cb1
db:IVDid:0347c63a-1f8a-11e6-abef-000c29c66e3d
db:IVDid:f06efdd0-2353-11e6-abef-000c29c66e3d
db:IVDid:56e4b816-1f8a-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2011-3478
db:CNVDid:CNVD-2011-6116
db:BIDid:79756
db:BIDid:49406
db:JVNDBid:JVNDB-2011-005040
db:PACKETSTORMid:104702
db:CNNVDid:CNNVD-201108-547
db:CNNVDid:CNNVD-201204-417
db:NVDid:CVE-2011-5088

LAST UPDATE DATE

2024-08-14T15:03:47.072000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2011-3478date:2011-09-02T00:00:00
db:CNVDid:CNVD-2011-6116date:2011-09-05T00:00:00
db:BIDid:79756date:2012-04-18T00:00:00
db:BIDid:49406date:2015-03-19T08:52:00
db:JVNDBid:JVNDB-2011-005040date:2012-04-20T00:00:00
db:CNNVDid:CNNVD-201108-547date:2011-09-05T00:00:00
db:CNNVDid:CNNVD-201204-417date:2012-05-23T00:00:00
db:NVDid:CVE-2011-5088date:2012-04-19T04:00:00

SOURCES RELEASE DATE

db:IVDid:7d7c4190-463f-11e9-b3f2-000c29342cb1date:2011-09-05T00:00:00
db:IVDid:0347c63a-1f8a-11e6-abef-000c29c66e3ddate:2011-09-05T00:00:00
db:IVDid:f06efdd0-2353-11e6-abef-000c29c66e3ddate:2012-04-19T00:00:00
db:IVDid:56e4b816-1f8a-11e6-abef-000c29c66e3ddate:2011-09-02T00:00:00
db:CNVDid:CNVD-2011-3478date:2011-09-02T00:00:00
db:CNVDid:CNVD-2011-6116date:2011-09-05T00:00:00
db:BIDid:79756date:2012-04-18T00:00:00
db:BIDid:49406date:2011-09-01T00:00:00
db:JVNDBid:JVNDB-2011-005040date:2012-04-20T00:00:00
db:PACKETSTORMid:104702date:2011-09-01T03:53:12
db:CNNVDid:CNNVD-201108-547date:1900-01-01T00:00:00
db:CNNVDid:CNNVD-201204-417date:2012-04-19T00:00:00
db:NVDid:CVE-2011-5088date:2012-04-18T17:55:01.167