CVE-2012-4714

{"id": "CVE-2012-4714", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-04-18T02:25:36.990", "references": [{"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-02.pdf", "tags": ["US Government Resource"], "source": "ics-cert@hq.dhs.gov"}, {"url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/537599", "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-189"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage or RNADiagReceiver.exe daemon crash) via UDP data that specifies a large integer value."}, {"lang": "es", "value": "Desbordamiento de entero en RNADiagnostics.dll de Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, y CPR9-SR6 permite a atacantes remotos causar una denegaci\u00f3n de servicio (interrupci\u00f3n del servicio o la ca\u00edda del demonio RNADiagReceiver.exe) a trav\u00e9s de los datos de UDP que especifica un gran valor entero."}], "lastModified": "2013-04-18T04:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_services_platform:cpr9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E47A7DE6-DA1D-4D35-B745-5EFB71A6394B"}, {"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_services_platform:cpr9:sr1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DED3EBE-9371-46EB-9BCA-BA771AF10F61"}, {"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_services_platform:cpr9:sr2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24D48E36-78BA-48F6-B839-73163BC53634"}, {"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_services_platform:cpr9:sr3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D54DE200-9BF1-425F-914A-E70178E627A8"}, {"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_services_platform:cpr9:sr4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9E3406C-AFF7-41BD-B4C3-258ED12C182C"}, {"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_services_platform:cpr9:sr5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E702BB80-DB34-4726-B64F-251C3E1730FD"}, {"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_services_platform:cpr9:sr5.1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C027452D-493A-46BB-B094-F2D3427B0D1F"}, {"criteria": "cpe:2.3:a:rockwellautomation:factorytalk_services_platform:cpr9:sr6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "229339FD-4EE3-49B1-8E57-00D5F4622A43"}], "operator": "OR"}]}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}