← Back

CVE-2012-0254

nvd nist
Published: Sep 8, 2012Modified: Apr 29, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

Stack-based buffer overflow in the HMIWeb Browser HSCDSPRenderDLL ActiveX control in Honeywell Process Solutions (HPS) Experion R2xx, R30x, R31x, and R400.x; Honeywell Building Solutions (HBS) Enterprise Building Manager R400 and R410.1; and Honeywell Environmental Combustion and Controls (ECC) SymmetrE R410.1 allows remote attackers to execute arbitrary code via unspecified vectors.

Affected (7)

Honeywell
3 products
Enterprise Building Manager
Experion
Symmetre
Configuration A
7 vulnerable
Vulnerable SoftwareAffected Versions
Honeywell
Enterprise Building Manager
Version r400
Enterprise Building Manager
Version r410.1
Honeywell
Experion
Version r200
Experion
Version r300
Experion
Version r310
Experion
Version r400.0
Symmetre
Version r410.1

Related CWEs

CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (4)

Source: cret@cert.org
Third Party AdvisoryUS Government Resource
Source: cret@cert.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.