NETxAutomation NETxEIB OPC Server before 3.0.1300 does not properly validate OLE for Process Control (OPC) server handles, which allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors involving the (1) IOPCSyncIO::Read, (2) IOPCSyncIO::Write, (3) IOPCServer::AddGroup, (4) IOPCServer::RemoveGroup, (5) IOPCCommon::SetClientName, and (6) IOPCGroupStateMgt::CloneGroup functions, which allow access to arbitrary memory. NOTE: the vectors might be limited to attackers with physical access.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: certcc
Published: 2007-03-21T19:00:00
Updated: 2024-08-07T12:50:34.920Z
Reserved: 2007-03-06T00:00:00
Link: CVE-2007-1313
Vulnrichment
No data.
NVD
Status : Modified
Published: 2007-03-21T19:19:00.000
Modified: 2018-10-16T16:37:55.657
Link: CVE-2007-1313
Redhat
No data.