search

aliasrobotics / RVD

Robot Vulnerability Database. An archive of robot vulnerabilities and bugs.
https://aliasrobotics.com
GNU General Public License v3.0
173 stars 31 forks source link

Buffer overflow in x87 before 3.5.5 in ABB Process Communication #917

Closed vmayoral closed 4 years ago

vmayoral commented 4 years ago 
{
    "id": 917,
    "title": "Buffer overflow in x87 before 3.5.5 in ABB Process Communication ",
    "type": "vulnerability",
    "description": "Buffer overflow in x87 before 3.5.5 in ABB Process Communication Unit 400 (PCU400) 4.4 through 4.6 allows remote attackers to execute arbitrary code via a crafted packet using the (1) IEC60870-5-101 or (2) IEC60870-5-104 communication protocol to the X87 web interface.\nThis issue is corrected in version 3.5.5 of the x87 executable. To obtain a patch or upgrade software please contact your vendor. The x87 executable is considered obsolete in newer versions of the PCU 400 and should be replaced\r\nby the newer x88 or x89 executable where applicable.\r\n\r\nLink to contact information: http://www.abb.com/industries/db0003db004333/c12573e7003305cbc1257074003d0702.aspx?productLanguage=us&country=US&tabKey=Contacts",
    "cwe": "None",
    "cve": "CVE-2008-2474",
    "keywords": "",
    "system": "",
    "vendor": null,
    "severity": {
        "rvss-score": 0,
        "rvss-vector": "",
        "severity-description": "",
        "cvss-score": 10.0,
        "cvss-vector": "CVSS:3.0/AV:N/AC:L/Au:N/C:C/I:C/A:C"
    },
    "links": [
        "https://vulners.com/cve/CVE-2008-2474",
        "https://github.com/aliasrobotics/RVD/issues/917"
    ],
    "flaw": {
        "phase": "unknown",
        "specificity": "N/A",
        "architectural-location": "N/A",
        "application": "N/A",
        "subsystem": "N/A",
        "package": "N/A",
        "languages": "None",
        "date-detected": "",
        "detected-by": "",
        "detected-by-method": "N/A",
        "date-reported": "2008-09-29",
        "reported-by": "",
        "reported-by-relationship": "N/A",
        "issue": "https://github.com/aliasrobotics/RVD/issues/917",
        "reproducibility": "",
        "trace": "",
        "reproduction": "",
        "reproduction-image": ""
    },
    "exploitation": {
        "description": "",
        "exploitation-image": "",
        "exploitation-vector": ""
    },
    "mitigation": {
        "description": "",
        "pull-request": ""
    }
}
vmayoral commented 4 years ago