Detections
Analytics
Advantech Studio ISSymbol ActiveX Control Multiple Buffer Overflow Vulnerabilities
high Nessus Plugin ID 60084
Language:
Synopsis
The remote Windows host has an ActiveX control that is affected by multiple buffer overflow vulnerabilities.Description
The remote Windows host is running a version of Advantech's ISSymbol (ISSymbol.ocx) ActiveX control that is affected by multiple buffer overflow vulnerabilities. These vulnerabilities can be exploited to execute arbitrary code via long values for the 'InternationalOrder', 'InternationalSeparator', or 'LogFileName' properties; or by a long 'bstrFileName' argument on the 'OpenScreen()' method.Solution
Follow the vendor's advisory to apply a hotfix.See Also
https://www.zerodayinitiative.com/advisories/ZDI-12-155/
https://www.zerodayinitiative.com/advisories/ZDI-12-168/
https://seclists.org/fulldisclosure/2012/Aug/276
https://seclists.org/fulldisclosure/2012/Aug/344
http://www.nessus.org/u?ef59308d
http://www.indusoft.com/Products-Downloads/Security-Hotfix-Updates
Plugin Details
Severity: High
ID: 60084
File Name: scada_advantech_studio_issymbol_activex_bof.nbin
Version: 1.236
Type: local
Agent: windows
Family: SCADA
Published: 7/20/2012
Updated: 11/12/2024
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 7.7
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2011-0340
Vulnerability Information
CPE: cpe:/a:advantech:advantech_studio
Required KB Items: SMB/Registry/Enumerated, SCADA/Apps/Advantech/Studio/Installed
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 8/30/2011
Vulnerability Publication Date: 9/1/2011
Exploitable With
Core Impact
Metasploit (InduSoft Web Studio ISSymbol.ocx InternationalSeparator() Heap Overflow)
ExploitHub (EH-13-398)
Reference Information
CVE: CVE-2011-0340
BID: 47596
ICS-ALERT: 11-131-01
ICSA: 11-168-01, 11-168-01A, 12-137-02, 12-249-03