CVE-2012-0257
- EPSS 3.14%
- Published 02.04.2012 20:55:02
- Last modified 11.04.2025 00:51:21
Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Inf...
CVE-2012-0258
- EPSS 3.14%
- Published 02.04.2012 20:55:02
- Last modified 11.04.2025 00:51:21
Heap-based buffer overflow in the WWCabFile ActiveX component in the Wonderware System Platform in Invensys Wonderware Application Server 2012 and earlier, Foxboro Control Software 3.1 and earlier, InFusion CE/FE/SCADA 2.5 and earlier, Wonderware Inf...
CVE-2012-0225
- EPSS 0.54%
- Published 02.04.2012 20:55:01
- Last modified 11.04.2025 00:51:21
Cross-site scripting (XSS) vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-0226
- EPSS 0.52%
- Published 02.04.2012 20:55:01
- Last modified 11.04.2025 00:51:21
SQL injection vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-0228
- EPSS 0.56%
- Published 02.04.2012 20:55:01
- Last modified 11.04.2025 00:51:21
Invensys Wonderware Information Server 4.0 SP1 and 4.5 does not properly implement client controls, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
CVE-2011-2962
- EPSS 3.15%
- Published 29.07.2011 19:55:04
- Last modified 11.04.2025 00:51:21
Multiple stack-based buffer overflows in Invensys Wonderware Information Server 3.1, 4.0, and 4.0 SP1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via two unspecified ActiveX controls.