|
|
CVE Reference: CVE-2007-1313 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-1313 |
|
|
Description: NETxAutomation NETxEIB OPC Server before 3.0.1300 does not properly validate OLE for Process Control (OPC) server handles, which allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors involving the (1) IOPCSyncIO::Read, (2) IOPCSyncIO::Write, (3) IOPCServer::AddGroup, (4) IOPCServer::RemoveGroup, (5) IOPCCommon::SetClientName, and (6) IOPCGroupStateMgt::CloneGroup functions, which allow access to arbitrary memory. NOTE: the vectors might be limited to attackers with physical access. |
|
|
CVE Status: Candidate |
|
|
References: ST 1017803 SAID Secunia Advisory: SA24612 OSVDB 34440 MISC http://www.neutralbit.com/advisories/NB07-22.txt CONFIRM http://www.kb.cert.org/vuls/id/MIMG-6XEPXN CERT-VN 296593 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/463539/100/0/threaded BID 23059 |
|
| Return to the previous page. |
