aliasrobotics / RVD

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.
https://aliasrobotics.com
GNU General Public License v3.0

The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request #882

Closed vmayoral closed 4 years ago

vmayoral commented 4 years ago
{
    "id": 882,
    "title": "The ABB IDAL HTTP server is vulnerable to a buffer overflow when ",
    "type": "vulnerability",
    "description": "The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request. The Host header value overflows a buffer and overwrites a Structured Exception Handler (SEH) address. An unauthenticated attacker can submit a Host header value of 2047 bytes or more to overflow the buffer and overwrite the SEH address, which can then be leveraged to execute attacker-controlled code on the server.",
    "cwe": "None",
    "cve": "CVE-2019-7232",
    "keywords": "",
    "system": "",
    "vendor": null,
    "severity": {
        "rvss-score": 0,
        "rvss-vector": "",
        "severity-description": "",
        "cvss-score": 5.8,
        "cvss-vector": "CVSS:3.0/AV:A/AC:L/Au:N/C:P/I:P/A:P"
    },
    "links": [
        "https://vulners.com/cve/CVE-2019-7232",
        "https://github.com/aliasrobotics/RVD/issues/882"
    ],
    "flaw": {
        "phase": "unknown",
        "specificity": "N/A",
        "architectural-location": "N/A",
        "application": "N/A",
        "subsystem": "N/A",
        "package": "N/A",
        "languages": "None",
        "date-detected": "",
        "detected-by": "",
        "detected-by-method": "N/A",
        "date-reported": "2019-06-24",
        "reported-by": "",
        "reported-by-relationship": "N/A",
        "issue": "https://github.com/aliasrobotics/RVD/issues/882",
        "reproducibility": "",
        "trace": "",
        "reproduction": "",
        "reproduction-image": ""
    },
    "exploitation": {
        "description": "",
        "exploitation-image": "",
        "exploitation-vector": ""
    },
    "mitigation": {
        "description": "",
        "pull-request": ""
    }
}