Cogent Real-Time Systems DataHub Buffer Overflow Vulnerability

Bugtraq ID:	58905
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2013-0682
Remote:	Yes
Local:	No
Published:	Apr 05 2013 12:00AM
Updated:	Mar 19 2015 09:23AM
Credit:	Dillon Beresford
Vulnerable:	Cogent Real-Time Systems OPC DataHub 6.4.20 Cogent Real-Time Systems OPC DataHub 6.0.2 Cogent Real-Time Systems OPC DataHub 6 Cogent Real-Time Systems Cogent DataHub 7.1.2 Cogent Real-Time Systems Cogent DataHub 7.1.1.63 Cogent Real-Time Systems Cogent DataHub 7
Not Vulnerable:

Cogent Real-Time Systems DataHub Buffer Overflow Vulnerability

Cogent Real-Time Systems DataHub is prone to a remote buffer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code within the context of the affected applications. Failed exploit attempts may crash the application, denying service to legitimate users.

The following Cogent Real-Time Systems products are vulnerable:

Cogent DataHub 7.2.2 and prior versions
OPC DataHub 6.4.21 and prior versions
Cascade DataHub for Windows 6.4.21 and prior versions
Cogent DataHub DataSim and DataPid demonstration clients 7.2.2
OPC DataHub DataSim and DataPid demonstration clients 6.4.21
Cascade DataHub DataSim and DataPid demonstration clients 6.4.21
DataHub QuickTrend 7.2.2 and prior versions