Creditee: Kuang-Chun Hung

Known Contact Information:

  • None at this time

Known Affiliations:

Disclosed Vulnerabilities (39):

Disc. DateOSVDB IDCVEIDTitle
2013-04-08 92196 2012-3022 Canary Labs TrendLink ActiveX (TrendDisplay.dll) SaveToFile Method Arbitrary Code Execution
2013-01-25 89575 2013-4696
2012-4696
Beijer Electronics Multiple Product Unspecified Function String Handling Overflow
2013-01-08 89057 2012-4689 General Electric (GE) Proficy HMI/SCADA - CIMPLICITY CimWebServer.exe HTTP Data Parsing Integer Overflow
2012-10-15 86258 2012-3010 General Electric (GE) Intelligent Platforms Proficy Real-Time Information Portal Unspecified Overflow (2012-3010)
2012-10-15 86259 2012-3021 General Electric (GE) Intelligent Platforms Proficy Real-Time Information Portal Unspecified Overflow (2012-3021)
2012-10-15 86257 2012-3026 General Electric (GE) Intelligent Platforms Proficy Real-Time Information Portal Unspecified Overflow (2012-3026)
2012-09-28 85822 2012-3035 DeltaV Malformed String Parsing Remote Overflow DoS
2012-05-17 82014 2012-1818 DeltaV Multiple Product Unspecified ActiveX Arbitrary File Overwrite
2012-05-16 82011 2012-1815 DeltaV Multiple Product Unspecified SQL Injection
2012-05-16 82012 2012-1816 DeltaV Multiple Product PORTSERV.exe Packet Parsing Remote DoS
2012-05-16 82013 2012-1817 DeltaV Multiple Product Project File Handling Remote Overflow
2012-05-16 81996 2012-1814 DeltaV Multiple Product Unspecified XSS
2012-02-17 79407 2012-0223 7-Technologies TERMIS Unspecified Path Subversion Arbitrary DLL Injection Code Execution
2012-02-17 79408 2012-0224 7-Technologies AQUIS Unspecified Path Subversion Arbitrary DLL Injection Code Execution
2012-02-16 79563 2012-0234
2012-1234
Advantech/Broadwin WebAccess Unspecified SQL Injection (2012-0234)
2012-02-16 79570 2012-0235
2012-1235
Advantech/Broadwin WebAccess Unspecified CSRF
2012-02-16 79562 2011-4521 Advantech/Broadwin WebAccess Unspecified SQL Injection (2011-4521)
2012-02-16 79566 2012-0233 Advantech/Broadwin WebAccess Unspecified XSS
2012-02-16 79569 2012-0236 Advantech/Broadwin WebAccess Unspecified Information Disclosure
2012-02-16 79574 2012-0237 Advantech/Broadwin WebAccess Unauthorized Date/Time Syncing Modification
2012-02-16 79575 2012-0238 Advantech/Broadwin WebAccess opcImg.asp Remote Overflow
2012-02-16 79577 2012-0239 Advantech/Broadwin WebAccess uaddUpAdmin.asp Unauthorized Admin Password Manipulation
2012-02-16 79578 2012-0240 Advantech/Broadwin WebAccess GbScriptAddUp.asp Authentication Function Remote Code Execution
2012-02-16 79576 2011-4524 Advantech/Broadwin WebAccess Unspecified Overflow (2011-4524)
2012-02-16 79585 2011-4526 Advantech/Broadwin WebAccess Unspecified ActiveX Overflow
2012-02-16 79586 2011-4525 Advantech/Broadwin WebAccess Arbitrary File Write Remote Code Execution
2012-02-16 79567 2011-4522 Advantech/Broadwin WebAccess bwerrdn.asp Unspecified XSS
2012-02-16 79568 2011-4523 Advantech/Broadwin WebAccess bwview.asp Unspecified XSS
2012-02-16 79587 2012-0243 Advantech/Broadwin WebAccess bwocxrun.ocx Overflow Arbitrary File Creation Code Execution
2012-02-16 79565 2012-0244 Advantech/Broadwin WebAccess Unspecified SQL Injection (2012-0244)
2012-02-07 78920 2011-4533 zenon zenAdminSrv.exe Packet Parsing Remote Code Execution
2012-02-07 78921 2011-4534 zenon ZenSysSrv.exe Client Connection Saturation Remote Code Execution
2012-01-16 78328 2011-4053 7-Technologies Interactive Graphical SCADA System (IGSS) Path Subversion Arbitrary DLL Injection Code Execution
2012-01-11 78223 2011-4057 CodeMeter TCP Packet Parsing Unspecified Remote DoS
2011-12-21 78233 2012-0309 Cogent DataHub Unspecified XSS
2011-12-20 78285 2011-4870 Invensys Wonderware InBatch Multiple ActiveX Control Property Value String Parsing Remote Overflow
2011-12-09 78287 2011-4055 Siemens Tecnomatix FactoryLink WebClient ActiveX Control Location URL Parameter Parsing Remote Code Execution
2011-12-09 78286 2011-4056 Siemens Tecnomatix FactoryLink ActBar.ocx Save Method Remote Arbitrary File Write
2011-08-23 76937 2011-5163 Schneider Electric CitectSCADA Batch Module Login Sequence Buffer Overflow

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2014 Open Sourced Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use