Buffer overflow in Honeywell Enterprise_building_manager

CVE-2012-0254

Stack-based buffer overflow in the HMIWeb Browser HSCDSPRenderDLL ActiveX control in Honeywell Process Solutions (HPS) Experion R2xx, R30x, R31x, and R400.x; Honeywell Building Solutions (HBS) Enterprise Building Manager R400 and R410.1; a…

Vulnerability class: Buffer Overflow

EPSS: 0.026 (85.9th percentile) — read the EPSS interpretation.

Affected products

Honeywell Enterprise_building_manager — versions r400, r410.1
Honeywell Experion — versions r200, r300, r310
Honeywell Symmetre — versions r410.1
N/a — versions n/a

Weakness classification (CWE)

CWE-787 — Out-of-bounds Write

References

cret@cert.org (x_refsource_MISC, Vendor Advisory)
cret@cert.org (US Government Resource, Third Party Advisory, x_refsource_MISC)