Vulnerability Description
Stack-based buffer overflow in OSIsoft PI OPC DA Interface before 2.3.20.9 allows remote authenticated users to execute arbitrary code by sending packet data during the processing of messages associated with OPC items.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Osisoft | Pi Opc Da Interface | <= 2.3.17.18 |
Related Weaknesses (CWE)
References
- http://osvdb.org/84091
- http://secunia.com/advisories/49986
- http://www.securityfocus.com/bid/54609
- http://www.us-cert.gov/control_systems/pdf/ICSA-12-201-01.pdfUS Government Resource
- https://exchange.xforce.ibmcloud.com/vulnerabilities/77131
- http://osvdb.org/84091
- http://secunia.com/advisories/49986
- http://www.securityfocus.com/bid/54609
- http://www.us-cert.gov/control_systems/pdf/ICSA-12-201-01.pdfUS Government Resource
- https://exchange.xforce.ibmcloud.com/vulnerabilities/77131
FAQ
What is CVE-2012-3008?
CVE-2012-3008 is a vulnerability with a CVSS score of 8.5 (HIGH). Stack-based buffer overflow in OSIsoft PI OPC DA Interface before 2.3.20.9 allows remote authenticated users to execute arbitrary code by sending packet data during the processing of messages associat...
How severe is CVE-2012-3008?
CVE-2012-3008 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-3008?
Check the references section above for vendor advisories and patch information. Affected products include: Osisoft Pi Opc Da Interface.