var-201512-0224
Vulnerability from variot
The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted integer value to the (1) AttachToSS, (2) CopyAll, (3) CopyRange, (4) CopyRangeEx, or (5) SwapTable method, a different vulnerability than CVE-2015-7918. (1) AttachToSS The method (2) CopyAll The method (3) CopyRange The method (4) CopyRangeEx The method (5) SwapTable The method. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the implementation of the CopyAll method of the F1BookView ActiveX control. The method accepts an integer value and interprets it as the address of a structure in memory. An attacker can leverage this vulnerability to achieve code execution under the context of the process. Schneider Electric ProClima is the thermal calculation software of Schneider Electric, France. Failed exploit attempts will likely result in denial-of-service conditions
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "proclima",
"scope": null,
"trust": 2.8,
"vendor": "schneider electric",
"version": null
},
{
"_id": null,
"model": "proclima",
"scope": "lte",
"trust": 1.0,
"vendor": "schneider electric",
"version": "6.1"
},
{
"_id": null,
"model": "proclima",
"scope": "eq",
"trust": 0.9,
"vendor": "schneider electric",
"version": "6.1"
},
{
"_id": null,
"model": "proclima",
"scope": "lt",
"trust": 0.8,
"vendor": "schneider electric",
"version": "6.2"
},
{
"_id": null,
"model": "electric proclima",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "6.2"
},
{
"_id": null,
"model": "proclima",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "6.0"
},
{
"_id": null,
"model": "proclima",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "6.2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "proclima",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "694110a2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-15-629"
},
{
"db": "ZDI",
"id": "ZDI-15-626"
},
{
"db": "ZDI",
"id": "ZDI-15-628"
},
{
"db": "ZDI",
"id": "ZDI-15-627"
},
{
"db": "CNVD",
"id": "CNVD-2015-08395"
},
{
"db": "BID",
"id": "79802"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006425"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-442"
},
{
"db": "NVD",
"id": "CVE-2015-8561"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:schneider_electric:proclima",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006425"
}
]
},
"credits": {
"_id": null,
"data": "Ariele Caltabiano (kimiya)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-629"
},
{
"db": "ZDI",
"id": "ZDI-15-628"
},
{
"db": "ZDI",
"id": "ZDI-15-627"
}
],
"trust": 2.1
},
"cve": "CVE-2015-8561",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-8561",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 4.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2015-08395",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "694110a2-2351-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-86522",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "ZDI",
"id": "CVE-2015-8561",
"trust": 2.8,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2015-8561",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-8561",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-08395",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-442",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "694110a2-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-86522",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "694110a2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-15-629"
},
{
"db": "ZDI",
"id": "ZDI-15-626"
},
{
"db": "ZDI",
"id": "ZDI-15-628"
},
{
"db": "ZDI",
"id": "ZDI-15-627"
},
{
"db": "CNVD",
"id": "CNVD-2015-08395"
},
{
"db": "VULHUB",
"id": "VHN-86522"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006425"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-442"
},
{
"db": "NVD",
"id": "CVE-2015-8561"
}
]
},
"description": {
"_id": null,
"data": "The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted integer value to the (1) AttachToSS, (2) CopyAll, (3) CopyRange, (4) CopyRangeEx, or (5) SwapTable method, a different vulnerability than CVE-2015-7918. (1) AttachToSS The method (2) CopyAll The method (3) CopyRange The method (4) CopyRangeEx The method (5) SwapTable The method. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the implementation of the CopyAll method of the F1BookView ActiveX control. The method accepts an integer value and interprets it as the address of a structure in memory. An attacker can leverage this vulnerability to achieve code execution under the context of the process. Schneider Electric ProClima is the thermal calculation software of Schneider Electric, France. Failed exploit attempts will likely result in denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8561"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006425"
},
{
"db": "ZDI",
"id": "ZDI-15-629"
},
{
"db": "ZDI",
"id": "ZDI-15-626"
},
{
"db": "ZDI",
"id": "ZDI-15-628"
},
{
"db": "ZDI",
"id": "ZDI-15-627"
},
{
"db": "CNVD",
"id": "CNVD-2015-08395"
},
{
"db": "BID",
"id": "79802"
},
{
"db": "IVD",
"id": "694110a2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-86522"
}
],
"trust": 5.22
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2015-8561",
"trust": 6.4
},
{
"db": "ZDI",
"id": "ZDI-15-628",
"trust": 3.3
},
{
"db": "ZDI",
"id": "ZDI-15-629",
"trust": 2.7
},
{
"db": "ZDI",
"id": "ZDI-15-626",
"trust": 2.7
},
{
"db": "ICS CERT",
"id": "ICSA-15-335-02",
"trust": 2.5
},
{
"db": "ZDI",
"id": "ZDI-15-627",
"trust": 2.4
},
{
"db": "SCHNEIDER",
"id": "SEVD-2015-329-01",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-201512-442",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2015-08395",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006425",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3054",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3056",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3053",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3055",
"trust": 0.7
},
{
"db": "BID",
"id": "79802",
"trust": 0.4
},
{
"db": "IVD",
"id": "694110A2-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-86522",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "694110a2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-15-629"
},
{
"db": "ZDI",
"id": "ZDI-15-626"
},
{
"db": "ZDI",
"id": "ZDI-15-628"
},
{
"db": "ZDI",
"id": "ZDI-15-627"
},
{
"db": "CNVD",
"id": "CNVD-2015-08395"
},
{
"db": "VULHUB",
"id": "VHN-86522"
},
{
"db": "BID",
"id": "79802"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006425"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-442"
},
{
"db": "NVD",
"id": "CVE-2015-8561"
}
]
},
"id": "VAR-201512-0224",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "694110a2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-08395"
},
{
"db": "VULHUB",
"id": "VHN-86522"
}
],
"trust": 1.9
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "694110a2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-08395"
}
]
},
"last_update_date": "2024-11-23T22:42:23.101000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Schneider Electric has issued an update to correct this vulnerability.",
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-335-02"
},
{
"title": "SEVD-2015-329-01",
"trust": 0.8,
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-329-01"
},
{
"title": "Schneider Electric ProClima denial of service vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/68764"
},
{
"title": "Schneider Electric ProClima F1 Bookview Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59231"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-629"
},
{
"db": "ZDI",
"id": "ZDI-15-626"
},
{
"db": "ZDI",
"id": "ZDI-15-628"
},
{
"db": "ZDI",
"id": "ZDI-15-627"
},
{
"db": "CNVD",
"id": "CNVD-2015-08395"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006425"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-442"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-86522"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006425"
},
{
"db": "NVD",
"id": "CVE-2015-8561"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 5.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-335-02"
},
{
"trust": 2.6,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-628"
},
{
"trust": 2.0,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-329-01"
},
{
"trust": 2.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-626"
},
{
"trust": 2.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-629"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-627"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8561"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8561"
},
{
"trust": 0.6,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.3,
"url": "http://www.schneider-electric.com/en/product-range-download/2560-proclima"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-629"
},
{
"db": "ZDI",
"id": "ZDI-15-626"
},
{
"db": "ZDI",
"id": "ZDI-15-628"
},
{
"db": "ZDI",
"id": "ZDI-15-627"
},
{
"db": "CNVD",
"id": "CNVD-2015-08395"
},
{
"db": "VULHUB",
"id": "VHN-86522"
},
{
"db": "BID",
"id": "79802"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006425"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-442"
},
{
"db": "NVD",
"id": "CVE-2015-8561"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "694110a2-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-15-629",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-15-626",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-15-628",
"ident": null
},
{
"db": "ZDI",
"id": "ZDI-15-627",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2015-08395",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-86522",
"ident": null
},
{
"db": "BID",
"id": "79802",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006425",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201512-442",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2015-8561",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2015-12-22T00:00:00",
"db": "IVD",
"id": "694110a2-2351-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2015-12-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-629",
"ident": null
},
{
"date": "2015-12-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-626",
"ident": null
},
{
"date": "2015-12-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-628",
"ident": null
},
{
"date": "2015-12-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-627",
"ident": null
},
{
"date": "2015-12-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-08395",
"ident": null
},
{
"date": "2015-12-15T00:00:00",
"db": "VULHUB",
"id": "VHN-86522",
"ident": null
},
{
"date": "2015-11-25T00:00:00",
"db": "BID",
"id": "79802",
"ident": null
},
{
"date": "2015-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006425",
"ident": null
},
{
"date": "2015-12-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-442",
"ident": null
},
{
"date": "2015-12-15T05:59:09.797000",
"db": "NVD",
"id": "CVE-2015-8561",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2015-12-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-629",
"ident": null
},
{
"date": "2015-12-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-626",
"ident": null
},
{
"date": "2015-12-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-628",
"ident": null
},
{
"date": "2015-12-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-627",
"ident": null
},
{
"date": "2015-12-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-08395",
"ident": null
},
{
"date": "2015-12-16T00:00:00",
"db": "VULHUB",
"id": "VHN-86522",
"ident": null
},
{
"date": "2015-11-25T00:00:00",
"db": "BID",
"id": "79802",
"ident": null
},
{
"date": "2015-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006425",
"ident": null
},
{
"date": "2015-12-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-442",
"ident": null
},
{
"date": "2024-11-21T02:38:44.330000",
"db": "NVD",
"id": "CVE-2015-8561",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-442"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Schneider Electric ProClima Denial of service vulnerability",
"sources": [
{
"db": "IVD",
"id": "694110a2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-08395"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "694110a2-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-442"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…