CVE-2012-4706

Published: Feb 24, 2013Modified: Apr 29, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow.

Affected (17)

Products: 3s Software: Codesys Gateway Server

3s Software

1 product

Codesys Gateway Server

Configuration A

17 vulnerable

Vulnerable Software	Affected Versions
3s Software Codesys Gateway Server	Up to 2.3.9.20
3s Software Codesys Gateway Server	Version 2.3.5.1
3s Software Codesys Gateway Server	Version 2.3.5.2
3s Software Codesys Gateway Server	Version 2.3.5.3
3s Software Codesys Gateway Server	Version 2.3.6.0
3s Software Codesys Gateway Server	Version 2.3.7.0
3s Software Codesys Gateway Server	Version 2.3.8.0
3s Software Codesys Gateway Server	Version 2.3.8.1
3s Software Codesys Gateway Server	Version 2.3.8.2
3s Software Codesys Gateway Server	Version 2.3.9.18
3s Software Codesys Gateway Server	Version 2.3.9.19
3s Software Codesys Gateway Server	Version 2.3.9.1
3s Software Codesys Gateway Server	Version 2.3.9.2
3s Software Codesys Gateway Server	Version 2.3.9.3
3s Software Codesys Gateway Server	Version 2.3.9.4
3s Software Codesys Gateway Server	Version 2.3.9.5
3s Software Codesys Gateway Server	Version 2.3.9

Related CWEs

CWE-189

References (2)

http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A

Source: ics-cert@hq.dhs.gov

http://ics-cert.us-cert.gov/advisories/ICSA-13-050-01A

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.