PT-2012-2441 · Honeywell Environmental Combustion Controls+2 · Symmetre+2
Publicado
2012-09-08
·
Atualizado
2022-02-03
·
CVE-2012-0254
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Honeywell Process Solutions (HPS) Experion versions R2xx through R400.x
Honeywell Building Solutions (HBS) Enterprise Building Manager versions R400 through R410.1
Honeywell Environmental Combustion and Controls (ECC) SymmetrE version R410.1
Description
A stack-based buffer overflow issue exists in the HMIWeb Browser HSCDSPRenderDLL ActiveX control. This allows remote attackers to execute arbitrary code via unspecified vectors.
Recommendations
For Honeywell Process Solutions (HPS) Experion versions R2xx through R400.x, update to a version that includes a fix for the HSCDSPRenderDLL ActiveX control issue.
For Honeywell Building Solutions (HBS) Enterprise Building Manager versions R400 through R410.1, update to a version that includes a fix for the HSCDSPRenderDLL ActiveX control issue.
For Honeywell Environmental Combustion and Controls (ECC) SymmetrE version R410.1, update to a version that includes a fix for the HSCDSPRenderDLL ActiveX control issue.
Correção
Memory Corruption
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Enterprise Building Manager
Experion
Symmetre