CVE-2012-3010

rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 through 3.5 SP1 allows remote attackers to cause a denial of service (memory corruption and service crash) or possibly execute arbitrary code via long input data, a different vulnerability than CVE-2012-3021 and CVE-2012-3026.

🔗 References (8)

• ics-cert@hqhttp://support.ge-ip.com/support/index?page=kbchannel&id=S:KB15050
• ics-cert@hqhttp://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/15000/KB15050/en_US/GEIP12-10%20Security%20Advisory%20-%20Proficy%20Portal%20rifsrvd.pdf
• ics-cert@hqhttp://www.securityfocus.com/bid/55935
• ics-cert@hqhttp://www.us-cert.gov/control_systems/pdf/ICSA-12-234-01.pdf
• af854a3a-2127-422b-91ae-364da2661108http://support.ge-ip.com/support/index?page=kbchannel&id=S:KB15050
• af854a3a-2127-422b-91ae-364da2661108http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/15000/KB15050/en_US/GEIP12-10%20Security%20Advisory%20-%20Proficy%20Portal%20rifsrvd.pdf
• af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/55935
• af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/control_systems/pdf/ICSA-12-234-01.pdf