Back to search
CVE-2010-2974
Published: Aug 5, 2010
Modified: Sep 17, 2024
PUBLISHED
Description
Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control in Wonderware Application Server (WAS) before 3.1 SP2 P01, as used in the Wonderware Archestra Integrated Development Environment (IDE) and the InFusion Integrated Engineering Environment (IEE), allows remote attackers to execute arbitrary code via the first argument to the UnsubscribeData method.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
VU#703189
third-party-advisory
x_refsource_CERT-VN
http://www.pacwest.wonderware.com/web/News/NewsDetails.aspx?NewsID=203108
x_refsource_CONFIRM
https://wdnresource.wonderware.com/support/kbcd/html/1/t002492.htm
x_refsource_CONFIRM
http://www.kb.cert.org/vuls/id/MORO-87MHPT
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now