Headline

CVE-2021-45117

The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.

2 years ago

CVE

Open in Source

#pdf

%PDF-1.7 %�� 1 0 obj <>/Metadata 152 0 R/ViewerPreferences 153 0 R>> endobj 2 0 obj <> endobj 3 0 obj <>/ExtGState<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/Annots[ 20 0 R 23 0 R 24 0 R 25 0 R 26 0 R 27 0 R] /MediaBox[ 0 0 612 792] /Contents 4 0 R/Group<>/Tabs/S/StructParents 0>> endobj 4 0 obj <> stream x��\Ys�F~W��+�*��l��Z��%�R��ow� x v�d��tܼ��o��u�Ûq��+2��p��(�:��`y}�Ç뫛�<*�0��@�D"dp�$Q�a��~��,x��˯?^_��=cR��dL�� >��뫳��B��2A�5 ��^ �0�av:�Θ��G��H��G��J�LI��2%c�d�R0��=2#� 푐F&^K�[�y=��kb%*Y��w��`�n��v+�T�%�A0�Ë��y��6��ߧ��:�Ԡ� Gr��e��I�ҷ�j=T�<�͊@��.Vn7�\��H �)�e��6�� `2��pd��{�U3��viM��5$abZ�&E� ��X} Fޡ6�,J�f0{u��Z�< ��_�# &�)�?��Ј.��Y(;��3��𴕭 �p��p.t�a�� /��aa�5� ��c��cƝZ�/ e�u��:ї�ۗ��0�8�/]��("�(�:O-\p��>��Y��Kn��y��`��)�N�ɉ�mؙ�i�ױF/;\��J�hU�"��Ң��&��ϓ5~�z��ِ��D.N�aN�KY�fAk`��,r��A1L`�� .a�Œ9G_ԃŐ��gX��<@QN��3 nZ,A��z��*��s��mR�$$��IeKʎ��aIt��mp�+�Ǒn�Š�H �’!A� �`�(Ii�$jL��ǔ�� LA ��’ T��

Related news

CVE-2022-37012

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation OPC UA C++ Demo Server 1.7.6-537. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OpcUa_SecureListener_ProcessSessionCallRequest method. A crafted OPC UA message can force the server to incorrectly update a reference count. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-16927.

1 year ago

CVE

Open in Source