Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not exist.
References
Link | Resource |
---|---|
https://ics-cert.us-cert.gov/advisories/ICSA-15-008-02 | Third Party Advisory US Government Resource |
https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000104.pdf |
Configurations
Configuration 1 (hide)
|
Information
Published : 2015-01-09 18:59
Updated : 2015-01-12 13:34
NVD link : CVE-2014-9190
Mitre link : CVE-2014-9190
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
schneider-electric
- wonderware_intouch_access_anywhere_server