Invensys Wonderware inBatch BatchField ActiveX Control Multiple Buffer Overflow Vulnerabilities

Bugtraq ID:	51129
Class:	Boundary Condition Error
CVE:	CVE-2011-4870
Remote:	Yes
Local:	No
Published:	Dec 20 2011 12:00AM
Updated:	Jan 04 2012 04:50PM
Credit:	Kuang-Chun Hung of the Security Research and Service Institute-Information and Communication Security Technology Center
Vulnerable:	Invensys Wonderware InBatch 9.5 Invensys Wonderware InBatch 9.0 SP2 Invensys Wonderware InBatch 9.0 SP1 Invensys Wonderware InBatch 9.0 Invensys Wonderware InBatch 8.1
Not Vulnerable:	Invensys Wonderware InBatch 9.5 SP1 Invensys Wonderware InBatch 8.1 SP1

Invensys Wonderware inBatch BatchField ActiveX Control Multiple Buffer Overflow Vulnerabilities

Invensys Wonderware inBatch is prone to multiple stack-based buffer-overflow vulnerabilities.

Attackers can exploit these issues to execute arbitrary code within the context of an application (typically Internet Explorer) that uses the ActiveX control. Failed exploit attempts will result in a denial-of-service condition.

Invensys Wonderware inBatch BatchField ActiveX Control Multiple Buffer Overflow Vulnerabilities

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Invensys Wonderware inBatch BatchField ActiveX Control Multiple Buffer Overflow Vulnerabilities

Solution:
The vendor released an update to address this issue. Please see the references for details.

Invensys Wonderware inBatch BatchField ActiveX Control Multiple Buffer Overflow Vulnerabilities

References:

• ICSA-11-332-01�??INVENSYS WONDERWARE INBATCH ACTIVEX VULNERABILITIES (US-CERT)
  
• Microsoft Support Document 240797 (Microsoft)
  
• Wonderware Products Homepage (Invensys)