Details of VAR-201204-0057

ID

VAR-201204-0057

CVE

CVE-2011-5088

TITLE

ICONICS IcoSetServer ActiveX Control Trusted Space Any Domain Name Injection Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2011-6116 // CNNVD: CNNVD-201108-547

DESCRIPTION

The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32 9.21 and BizViz 9.21 configures the trusted zone on the basis of user input, which allows remote attackers to execute arbitrary code via a crafted web site, related to a "Workbench32/WebHMI component SetTrustedZone Policy vulnerability.". ICONICS is a company specializing in providing OPC-based visualization software. GENESIS32 is prone to a remote security vulnerability. Failed exploit attempts will likely cause denial-of-service conditions. This may potentially allow for the execution of arbitrary code. ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: ICONICS IcoSetServer ActiveX Control Trusted Zone Policy Manipulation SECUNIA ADVISORY ID: SA45847 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45847/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45847 RELEASE DATE: 2011-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/45847/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45847/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45847 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the ICONICS IcoSetServer ActiveX Control, which can be exploited by malicious people to manipulate certain data. The vulnerability is reported in version 9.21. Other versions may also be affected. SOLUTION: Apply patch or update to version 9.22. PROVIDED AND/OR DISCOVERED BY: Billy Rios and Terry McCorkle via ICS-CERT. ORIGINAL ADVISORY: ICONICS: http://www.iconics.com/certs ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-11-182-01.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 4.05

sources: NVD: CVE-2011-5088 // JVNDB: JVNDB-2011-005040 // CNVD: CNVD-2011-3478 // CNVD: CNVD-2011-6116 // BID: 79756 // BID: 49406 // IVD: 7d7c4190-463f-11e9-b3f2-000c29342cb1 // IVD: 0347c63a-1f8a-11e6-abef-000c29c66e3d // IVD: f06efdd0-2353-11e6-abef-000c29c66e3d // IVD: 56e4b816-1f8a-11e6-abef-000c29c66e3d // PACKETSTORM: 104702

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 2.0

AFFECTED PRODUCTS

vendor:	iconics	model:	genesis32	scope:	eq	version:	9.21	Trust: 3.8
vendor:	iconics	model:	bizviz	scope:	eq	version:	9.21	Trust: 3.6
vendor:	iconics	model:	icosetserver activex control	scope:	eq	version:	9.21	Trust: 0.6
vendor:	no	model:	-	scope:	-	version:	-	Trust: 0.6
vendor:	iconics	model:	genesis32	scope:	eq	version:	9.21.201.01	Trust: 0.3
vendor:	iconics	model:	genesis32	scope:	eq	version:	0	Trust: 0.3
vendor:	iconics	model:	genesis32	scope:	ne	version:	9.22	Trust: 0.3
vendor:	iconics	model:	bizviz	scope:	ne	version:	9.22	Trust: 0.3
vendor:	bizviz	model:	-	scope:	eq	version:	9.21	Trust: 0.2
vendor:	genesis32	model:	-	scope:	eq	version:	9.21	Trust: 0.2
vendor:	iconics	model:	icosetserver activex control	scope:	eq	version:	9.21*	Trust: 0.2
vendor:	iconics	model:	bizviz	scope:	eq	version:	9.21*	Trust: 0.2

sources: IVD: f06efdd0-2353-11e6-abef-000c29c66e3d // IVD: 56e4b816-1f8a-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-3478 // CNVD: CNVD-2011-6116 // BID: 79756 // BID: 49406 // JVNDB: JVNDB-2011-005040 // CNNVD: CNNVD-201204-417 // NVD: CVE-2011-5088

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-5088
value:	HIGH
Trust: 1.0
NVD:	CVE-2011-5088
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2011-6116
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201204-417
value:	CRITICAL
Trust: 0.6
IVD:	7d7c4190-463f-11e9-b3f2-000c29342cb1
value:	HIGH
Trust: 0.2
IVD:	0347c63a-1f8a-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2
IVD:	f06efdd0-2353-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2
IVD:	56e4b816-1f8a-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2

nvd@nist.gov:	CVE-2011-5088
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2011-6116
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	7d7c4190-463f-11e9-b3f2-000c29342cb1
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	0347c63a-1f8a-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	f06efdd0-2353-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	56e4b816-1f8a-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	7.0
vectorString:	AV:N/AC:M/AU:S/C:P/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.8
impactScore:	7.8
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0 [IVD]
Trust: 0.2

sources: IVD: 7d7c4190-463f-11e9-b3f2-000c29342cb1 // IVD: 0347c63a-1f8a-11e6-abef-000c29c66e3d // IVD: f06efdd0-2353-11e6-abef-000c29c66e3d // IVD: 56e4b816-1f8a-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-6116 // JVNDB: JVNDB-2011-005040 // CNNVD: CNNVD-201204-417 // NVD: CVE-2011-5088

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	CWE-DesignError	Trust: 0.8

sources: JVNDB: JVNDB-2011-005040 // NVD: CVE-2011-5088

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201108-547 // CNNVD: CNNVD-201204-417

TYPE

Design error

Trust: 1.1

sources: IVD: f06efdd0-2353-11e6-abef-000c29c66e3d // BID: 49406 // CNNVD: CNNVD-201204-417

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-005040

PATCH

title:	CERT Security Update	url:	http://www.iconics.com/certs	Trust: 0.8
title:	\302\240ICONICS IcoSetServer ActiveX Control Trust Domain Policy Operation Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/4983	Trust: 0.6
title:	ICONICS IcoSetServer ActiveX Control Trusted Space Any Domain Name Injection Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/36330	Trust: 0.6

sources: CNVD: CNVD-2011-3478 // CNVD: CNVD-2011-6116 // JVNDB: JVNDB-2011-005040

EXTERNAL IDS

db:	ICS CERT	id:	ICSA-11-182-01	Trust: 3.1
db:	NVD	id:	CVE-2011-5088	Trust: 2.9
db:	BID	id:	49406	Trust: 1.5
db:	CNVD	id:	CNVD-2011-6116	Trust: 1.0
db:	CNNVD	id:	CNNVD-201204-417	Trust: 0.8
db:	CNVD	id:	CNVD-2011-3478	Trust: 0.8
db:	SECUNIA	id:	45847	Trust: 0.8
db:	JVNDB	id:	JVNDB-2011-005040	Trust: 0.8
db:	CNNVD	id:	CNNVD-201108-547	Trust: 0.6
db:	BID	id:	79756	Trust: 0.3
db:	IVD	id:	7D7C4190-463F-11E9-B3F2-000C29342CB1	Trust: 0.2
db:	IVD	id:	0347C63A-1F8A-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	IVD	id:	F06EFDD0-2353-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	IVD	id:	56E4B816-1F8A-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	PACKETSTORM	id:	104702	Trust: 0.1

sources: IVD: 7d7c4190-463f-11e9-b3f2-000c29342cb1 // IVD: 0347c63a-1f8a-11e6-abef-000c29c66e3d // IVD: f06efdd0-2353-11e6-abef-000c29c66e3d // IVD: 56e4b816-1f8a-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-3478 // CNVD: CNVD-2011-6116 // BID: 79756 // BID: 49406 // JVNDB: JVNDB-2011-005040 // PACKETSTORM: 104702 // CNNVD: CNNVD-201108-547 // CNNVD: CNNVD-201204-417 // NVD: CVE-2011-5088

REFERENCES

url:	http://www.us-cert.gov/control_systems/pdf/icsa-11-182-01.pdf	Trust: 3.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-5088	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-5088	Trust: 0.8
url:	http://secunia.com/advisories/45847/	Trust: 0.7
url:	http://www.securityfocus.com/bid/49406/	Trust: 0.6
url:	http://www.securityfocus.com/bid/49406	Trust: 0.6
url:	http://www.iconics.com/	Trust: 0.3
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=45847	Trust: 0.1
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.1
url:	http://secunia.com/blog/242	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://www.iconics.com/certs	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/45847/#comments	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: CNVD: CNVD-2011-3478 // CNVD: CNVD-2011-6116 // BID: 79756 // BID: 49406 // JVNDB: JVNDB-2011-005040 // PACKETSTORM: 104702 // CNNVD: CNNVD-201108-547 // CNNVD: CNNVD-201204-417 // NVD: CVE-2011-5088

CREDITS

Billy Rios and Terry McCorkle

Trust: 0.9

sources: BID: 49406 // CNNVD: CNNVD-201108-547

SOURCES

db:	IVD	id:	7d7c4190-463f-11e9-b3f2-000c29342cb1
db:	IVD	id:	0347c63a-1f8a-11e6-abef-000c29c66e3d
db:	IVD	id:	f06efdd0-2353-11e6-abef-000c29c66e3d
db:	IVD	id:	56e4b816-1f8a-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2011-3478
db:	CNVD	id:	CNVD-2011-6116
db:	BID	id:	79756
db:	BID	id:	49406
db:	JVNDB	id:	JVNDB-2011-005040
db:	PACKETSTORM	id:	104702
db:	CNNVD	id:	CNNVD-201108-547
db:	CNNVD	id:	CNNVD-201204-417
db:	NVD	id:	CVE-2011-5088

LAST UPDATE DATE

2024-08-14T15:03:47.072000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2011-3478	date:	2011-09-02T00:00:00
db:	CNVD	id:	CNVD-2011-6116	date:	2011-09-05T00:00:00
db:	BID	id:	79756	date:	2012-04-18T00:00:00
db:	BID	id:	49406	date:	2015-03-19T08:52:00
db:	JVNDB	id:	JVNDB-2011-005040	date:	2012-04-20T00:00:00
db:	CNNVD	id:	CNNVD-201108-547	date:	2011-09-05T00:00:00
db:	CNNVD	id:	CNNVD-201204-417	date:	2012-05-23T00:00:00
db:	NVD	id:	CVE-2011-5088	date:	2012-04-19T04:00:00

SOURCES RELEASE DATE

db:	IVD	id:	7d7c4190-463f-11e9-b3f2-000c29342cb1	date:	2011-09-05T00:00:00
db:	IVD	id:	0347c63a-1f8a-11e6-abef-000c29c66e3d	date:	2011-09-05T00:00:00
db:	IVD	id:	f06efdd0-2353-11e6-abef-000c29c66e3d	date:	2012-04-19T00:00:00
db:	IVD	id:	56e4b816-1f8a-11e6-abef-000c29c66e3d	date:	2011-09-02T00:00:00
db:	CNVD	id:	CNVD-2011-3478	date:	2011-09-02T00:00:00
db:	CNVD	id:	CNVD-2011-6116	date:	2011-09-05T00:00:00
db:	BID	id:	79756	date:	2012-04-18T00:00:00
db:	BID	id:	49406	date:	2011-09-01T00:00:00
db:	JVNDB	id:	JVNDB-2011-005040	date:	2012-04-20T00:00:00
db:	PACKETSTORM	id:	104702	date:	2011-09-01T03:53:12
db:	CNNVD	id:	CNNVD-201108-547	date:	1900-01-01T00:00:00
db:	CNNVD	id:	CNNVD-201204-417	date:	2012-04-19T00:00:00
db:	NVD	id:	CVE-2011-5088	date:	2012-04-18T17:55:01.167