Required CVE Record Information
Description
Buffer overflow in the lm_tcp service in Invensys Wonderware InBatch 8.1 and 9.0, as used in Invensys Foxboro I/A Series Batch 8.1 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted request to port 9001.
References 8 Total
- http://aluigi.org/adv/inbatch_1-adv.txt
- http://iom.invensys.com/EN/Pages/IOM_CyberSecurityUpdates.aspx
- exploit-db.com: 15707 exploit
- http://iom.invensys.com/EN/pdfLibrary/SecurityAlert_Invensys_SecurityAlert-LFSEC00000051_12-10.pdf
- secunia.com: 42528 third-party-advisory
- vupen.com: ADV-2010-3244 vdb-entry
- http://www.us-cert.gov/control_systems/pdf/ICSA-10-348-01.pdf
- kb.cert.org: VU#647928 third-party-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 8 Total
- http://aluigi.org/adv/inbatch_1-adv.txt x_transferred
- http://iom.invensys.com/EN/Pages/IOM_CyberSecurityUpdates.aspx x_transferred
- exploit-db.com: 15707 exploitx_transferred
- http://iom.invensys.com/EN/pdfLibrary/SecurityAlert_Invensys_SecurityAlert-LFSEC00000051_12-10.pdf x_transferred
- secunia.com: 42528 third-party-advisoryx_transferred
- vupen.com: ADV-2010-3244 vdb-entryx_transferred
- http://www.us-cert.gov/control_systems/pdf/ICSA-10-348-01.pdf x_transferred
- kb.cert.org: VU#647928 third-party-advisoryx_transferred