CVE-2013-0682

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

C

ogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory.

References

Link	Resource
http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf	US Government Resource
http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf	US Government Resource

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cogentdatahub:cogent_datahub::::::::
	cpe:2.3:a:cogentdatahub:cogent_datahub:7.0:::::::*
	cpe:2.3:a:cogentdatahub:cogent_datahub:7.0.2:::::::*
	cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.0:::::::*
	cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1:::::::*
	cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1.63:::::::*
	cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.2:::::::*

Configuration 2 (hide)

OR	cpe:2.3:a:cogentdatahub:opc_datahub::::::::
	cpe:2.3:a:cogentdatahub:opc_datahub:6.4.20:::::::*

Configuration 3 (hide)

AND

OR	cpe:2.3:a:cogentdatahub:cascade_datahub::::::::
	cpe:2.3:a:cogentdatahub:cascade_datahub:6.4.20:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:a:cogentdatahub:datahub_quicktrend:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:48

Type	Values Removed	Values Added
References	~~() http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf - US Government Resource~~	() http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf - US Government Resource

Information

Published : 2013-04-05 21:55

Updated : 2025-04-11 00:51

NVD link : CVE-2013-0682

Mitre link : CVE-2013-0682

CVE.ORG link : CVE-2013-0682

JSON object : View

Products Affected

windows

cogentdatahub

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2013-0682", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-04-05T21:55:00.863", "references": [{"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf", "tags": ["US Government Resource"], "source": "[email protected]"}, {"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory."}, {"lang": "es", "value": "Cogent Real-Time Systems Cogent DataHub anteriores a v7.3.0, OPC DataHub asnteriores a v6.4.22, Cascade DataHub anteriores a v6.4.22 en Windows, y DataHub QuickTrend anteriores a v7.3.0 no manejan las excepciones de forma adecuada, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo a trav\u00e9s de datos mal generados en un comando de texto formateado, conduciendo un acceso fuera del l\u00edmite a (1) memoria din\u00e1mica o (2) pila de memoria."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "295B2419-6CBA-4815-B0E8-51D5F5BCCB80", "versionEndIncluding": "7.2.2"}, {"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2DE7A08-D283-4EB3-BAAE-0BA4A8C2E088"}, {"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66059E64-6EB2-4F9D-BCB3-099A01C9E72A"}, {"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F05AAB16-437D-4A4E-892B-9B83E47FEC24"}, {"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65D16B36-567F-499D-AC7B-D2CC85AD9327"}, {"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1.63:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8EC08FD-5473-4DB6-9828-8D007FE1E5FC"}, {"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2724B2F-49B9-4423-A8D5-95B1E81DDEF9"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cogentdatahub:opc_datahub:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5AF17ED5-1959-48BD-8166-730151AE4DE7", "versionEndIncluding": "6.4.21"}, {"criteria": "cpe:2.3:a:cogentdatahub:opc_datahub:6.4.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49266854-6F6B-43F1-8A2F-DE12CAC65F99"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cogentdatahub:cascade_datahub:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B53B6E6-3FA4-461E-9CCB-1797D513F84F", "versionEndIncluding": "6.4.21"}, {"criteria": "cpe:2.3:a:cogentdatahub:cascade_datahub:6.4.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4E8524E-2F62-4B01-83E7-686525DB00D2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cogentdatahub:datahub_quicktrend:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4472B878-C776-45F2-93EF-F4C423F2AB61", "versionEndIncluding": "7.2.2"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}