GradeZero Music Band

Monday, June 18, 2012

Tuesday, June 5, 2012

SSA-223158 : Multiple Security Vulnerabilities in WinCC 7.0 SP3


Our first release:

- X-Path Injection in WinCC DiagAgent and WebNavigator
- Directory Traversal in WinCC DiagAgent and WebNavigator
- Buffer overflow ain WinCC DiagAgent web server
- Reflected Cross-Site Scripting in  WinCC DiagAgent and WebNavigator


(CVE-2012-2596)  (CVE-2012-2597) (CVE-2012-2598) (CVE-2012-2595)  (CVE-2012-3003)




Enjoy.

Monday, June 4, 2012