exploitDog

CVE-2011-5088

Опубликовано: 18 апр. 2012

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32 9.21 and BizViz 9.21 configures the trusted zone on the basis of user input, which allows remote attackers to execute arbitrary code via a crafted web site, related to a "Workbench32/WebHMI component SetTrustedZone Policy vulnerability."

Ссылки

http://www.us-cert.gov/control_systems/pdf/ICSA-11-182-01.pdf
US Government Resource
http://www.us-cert.gov/control_systems/pdf/ICSA-11-182-01.pdf
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:iconics:bizviz:9.21:*:*:*:*:*:*:*

cpe:2.3:a:iconics:genesis32:9.21:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01405

Низкий

9.3 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-j3h3-26pm-qcg9

github

больше 3 лет назад

The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32 9.21 and BizViz 9.21 configures the trusted zone on the basis of user input, which allows remote attackers to execute arbitrary code via a crafted web site, related to a "Workbench32/WebHMI component SetTrustedZone Policy vulnerability."

EPSS

Процентиль: 80%

0.01405

Низкий

9.3 Critical

CVSS2

Дефекты

NVD-CWE-Other