CVE-2012-3026 Information

Description

rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 through 3.5 SP1 allows remote attackers to cause a denial of service (memory corruption and service crash) or possibly execute arbitrary code via long input data a different vulnerability than CVE-2012-3010 and CVE-2012-3021.

Reference

http://support.ge-ip.com/support/index?page=kbchannel&id=S:KB15050 http://support.ge-ip.com/support/resources/sites/GE_FANUC_SUPPORT/content/live/KB/15000/KB15050/en_US/GEIP12-1020Security20Advisory20-20Proficy20Portal20rifsrvd.pdf http://www.securityfocus.com/bid/55935 http://www.us-cert.gov/control_systems/pdf/ICSA-12-234-01.pdf