var-201511-0047
Vulnerability from variot
Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the TeeChart object in TeeChart5.ocx. The RemoveSeries method of the object takes a user-supplied integer as an index into an array of object pointers. The index is not checked for validity and this can cause arbitrary memory to be interpreted as an object. An attacker can leverage this vulnerability to execute arbitrary code under the context of the user. Unitronics VisiLogic OPLC IDE is Unitronics' suite of human machine interface (HMI) and PLC application programming environments for SAMBA series controllers. Unitronics VisiLogic is prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. The affected ActiveX control is identified by CLSID: 3D6F2DBA-F4E5-40A6-8725-E99BC96CC23A. Note: This issue was previously titled 'Unitronics VisiLogic ActiveX Control Security Bypass and Arbitrary Code Injection Vulnerabilities'. The title and technical details have been changed to better reflect the underlying component affected. Unitronics VisiLogic 9.8.0.00 and prior versions are vulnerable
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "visilogic oplc ide",
"scope": null,
"trust": 3.5,
"vendor": "unitronics",
"version": null
},
{
"_id": null,
"model": "visilogic oplc ide",
"scope": "lte",
"trust": 1.0,
"vendor": "unitronics",
"version": "9.8.0.0"
},
{
"_id": null,
"model": "visilogic oplc ide",
"scope": "lt",
"trust": 0.8,
"vendor": "unitronics",
"version": "9.8.02"
},
{
"_id": null,
"model": "visilogic oplc ide",
"scope": "lte",
"trust": 0.6,
"vendor": "unitronics",
"version": "\u003c=9.8.0.00"
},
{
"_id": null,
"model": "visilogic oplc ide",
"scope": "eq",
"trust": 0.6,
"vendor": "unitronics",
"version": "9.8.0.0"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "visilogic oplc ide",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"db": "ZDI",
"id": "ZDI-15-580"
},
{
"db": "ZDI",
"id": "ZDI-15-573"
},
{
"db": "ZDI",
"id": "ZDI-15-579"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-244"
},
{
"db": "NVD",
"id": "CVE-2015-6478"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:unitronics:visilogic_oplc_ide",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005912"
}
]
},
"credits": {
"_id": null,
"data": "Steven Seeley of Source Incite",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"db": "ZDI",
"id": "ZDI-15-573"
}
],
"trust": 2.1
},
"cve": "CVE-2015-6478",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6478",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 5.3,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2015-07635",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "ZDI",
"id": "CVE-2015-6478",
"trust": 3.5,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2015-6478",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6478",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-07635",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201511-244",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"db": "ZDI",
"id": "ZDI-15-580"
},
{
"db": "ZDI",
"id": "ZDI-15-573"
},
{
"db": "ZDI",
"id": "ZDI-15-579"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-244"
},
{
"db": "NVD",
"id": "CVE-2015-6478"
}
]
},
"description": {
"_id": null,
"data": "Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the TeeChart object in TeeChart5.ocx. The RemoveSeries method of the object takes a user-supplied integer as an index into an array of object pointers. The index is not checked for validity and this can cause arbitrary memory to be interpreted as an object. An attacker can leverage this vulnerability to execute arbitrary code under the context of the user. Unitronics VisiLogic OPLC IDE is Unitronics\u0027 suite of human machine interface (HMI) and PLC application programming environments for SAMBA series controllers. Unitronics VisiLogic is prone to multiple remote code-execution vulnerabilities. Failed exploit attempts will likely result in denial-of-service conditions. \nThe affected ActiveX control is identified by CLSID: 3D6F2DBA-F4E5-40A6-8725-E99BC96CC23A. \nNote: This issue was previously titled \u0027Unitronics VisiLogic ActiveX Control Security Bypass and Arbitrary Code Injection Vulnerabilities\u0027. The title and technical details have been changed to better reflect the underlying component affected. \nUnitronics VisiLogic 9.8.0.00 and prior versions are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6478"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"db": "ZDI",
"id": "ZDI-15-580"
},
{
"db": "ZDI",
"id": "ZDI-15-573"
},
{
"db": "ZDI",
"id": "ZDI-15-579"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"db": "BID",
"id": "77571"
},
{
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d"
}
],
"trust": 5.76
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-6478",
"trust": 7.0
},
{
"db": "ICS CERT",
"id": "ICSA-15-274-02",
"trust": 3.0
},
{
"db": "BID",
"id": "77571",
"trust": 1.9
},
{
"db": "ZDI",
"id": "ZDI-15-578",
"trust": 1.7
},
{
"db": "ZDI",
"id": "ZDI-15-577",
"trust": 1.7
},
{
"db": "ZDI",
"id": "ZDI-15-580",
"trust": 1.7
},
{
"db": "ZDI",
"id": "ZDI-15-573",
"trust": 1.7
},
{
"db": "ZDI",
"id": "ZDI-15-579",
"trust": 1.7
},
{
"db": "CNVD",
"id": "CNVD-2015-07635",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201511-244",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005912",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2910",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2911",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2918",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2904",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2919",
"trust": 0.7
},
{
"db": "IVD",
"id": "7C5E661C-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"db": "ZDI",
"id": "ZDI-15-580"
},
{
"db": "ZDI",
"id": "ZDI-15-573"
},
{
"db": "ZDI",
"id": "ZDI-15-579"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"db": "BID",
"id": "77571"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-244"
},
{
"db": "NVD",
"id": "CVE-2015-6478"
}
]
},
"id": "VAR-201511-0047",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
}
],
"trust": 1.3869565000000001
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
}
]
},
"last_update_date": "2024-11-23T23:02:39.307000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Unitronics has issued an update to correct this vulnerability.",
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-274-02"
},
{
"title": "Download - VisiLogic (Vision Series)",
"trust": 0.8,
"url": "http://www.unitronics.com/support/downloads"
},
{
"title": "Unitronics VisiLogic OPLC IDE patch for arbitrary code execution vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/66868"
},
{
"title": "Unitronics VisiLogic OPLC IDE Fixes for arbitrary code execution vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=58733"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"db": "ZDI",
"id": "ZDI-15-580"
},
{
"db": "ZDI",
"id": "ZDI-15-573"
},
{
"db": "ZDI",
"id": "ZDI-15-579"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-244"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-284",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"db": "NVD",
"id": "CVE-2015-6478"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 6.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-274-02"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/77571"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-580"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-573"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-578"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-577"
},
{
"trust": 1.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-579"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6478"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6478"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-578"
},
{
"db": "ZDI",
"id": "ZDI-15-577"
},
{
"db": "ZDI",
"id": "ZDI-15-580"
},
{
"db": "ZDI",
"id": "ZDI-15-573"
},
{
"db": "ZDI",
"id": "ZDI-15-579"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"db": "BID",
"id": "77571"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005912"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-244"
},
{
"db": "NVD",
"id": "CVE-2015-6478"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-15-578",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-15-577",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-15-580",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-15-573",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-15-579",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2015-07635",
"ident": null
},
{
"db": "BID",
"id": "77571",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005912",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201511-244",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-6478",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-11-18T00:00:00",
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-578",
"ident": null
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-577",
"ident": null
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-580",
"ident": null
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-573",
"ident": null
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-579",
"ident": null
},
{
"date": "2015-11-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07635",
"ident": null
},
{
"date": "2015-11-12T00:00:00",
"db": "BID",
"id": "77571",
"ident": null
},
{
"date": "2015-11-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005912",
"ident": null
},
{
"date": "2015-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-244",
"ident": null
},
{
"date": "2015-11-13T03:59:03.960000",
"db": "NVD",
"id": "CVE-2015-6478",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-578",
"ident": null
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-577",
"ident": null
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-580",
"ident": null
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-573",
"ident": null
},
{
"date": "2015-12-02T00:00:00",
"db": "ZDI",
"id": "ZDI-15-579",
"ident": null
},
{
"date": "2015-11-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07635",
"ident": null
},
{
"date": "2015-12-08T22:23:00",
"db": "BID",
"id": "77571",
"ident": null
},
{
"date": "2015-11-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005912",
"ident": null
},
{
"date": "2015-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201511-244",
"ident": null
},
{
"date": "2024-11-21T02:35:02.940000",
"db": "NVD",
"id": "CVE-2015-6478",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201511-244"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Unitronics VisiLogic OPLC IDE Arbitrary code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "7c5e661c-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07635"
},
{
"db": "CNNVD",
"id": "CNNVD-201511-244"
}
],
"trust": 1.4
},
"type": {
"_id": null,
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "77571"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…