You are here

U-171: DeltaV Products Multiple Vulnerabilities

May 17, 2012 - 7:00am

Addthis

PROBLEM:

DeltaV Products Multiple Vulnerabilities

PLATFORM:

DeltaV and DeltaV Workstations versions 9.3.1, 10.3.1, 11.3, and 11.3.1
DeltaV ProEssentials Scientific Graph version 5.0.0.6

ABSTRACT:

Multiple vulnerabilities have been reported in DeltaV products, which can be exploited by malicious people to conduct cross-site scripting attacks, SQL injection attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.

 

Reference LINKS:

Secunia Advisory SA49210
CVE-2012-1814
CVE-2012-1815
CVE-2012-1816
CVE-2012-1817
CVE-2012-1818

IMPACT ASSESSMENT:

High

Discussion:

1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
2) Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
3) An error within PORTSERV.exe can be exploited to cause a crash via a specially crafted packet sent to TCP or UDP port 111.
4) An error within the processing of certain fields in project files can be exploited to cause a buffer overflow via a specially crafted project file.
5) An insecure method within an ActiveX control can be exploited to overwrite arbitrary files.

Impact:

Successful exploitation of vulnerabilities #4 and #5 may allow execution of arbitrary code.

Solution:

The vendor has issued a hotfix (please contact the vendor for more information).

Addthis