CVE-2012-3847

Name: CVE-2012-3847
Creator: NVD / NIST
Published: 2012-07-05T03:23:18.683+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.34%

Last modified Jun 16, 2026

CVE-2012-3847 is a vulnerability of currently unknown severity. slssvc.exe in Invensys Wonderware SuiteLink in Invensys InTouch 2012 and Wonderware Application Server 2012 allows remote attackers to cause a denial of service (resource consumption) via a long Unicode string, a different vulnerability than CVE-2012-3007.. EPSS estimates a 1.34% chance of exploitation in the next 30 days.

Description

slssvc.exe in Invensys Wonderware SuiteLink in Invensys InTouch 2012 and Wonderware Application Server 2012 allows remote attackers to cause a denial of service (resource consumption) via a long Unicode string, a different vulnerability than CVE-2012-3007.

Metrics

EPSS Probability

1.34%

67.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-399

Affected Software

Vendor	Product	Versions
Invensys	Intouch	2012
Invensys	Wonderware Application Server	2012

References

http://secunia.com/advisories/49173
http://www.us-cert.gov/control_systems/pdf/ICSA-12-171-01.pdfUS Government Resource
http://secunia.com/advisories/49173
http://www.us-cert.gov/control_systems/pdf/ICSA-12-171-01.pdfUS Government Resource

Timeline

Published: Jul 5, 2012
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2012-3847?

How severe is CVE-2012-3847?

Severity scoring for CVE-2012-3847 is pending analysis. The EPSS model estimates a 1.34% probability of exploitation in the next 30 days.

How do I fix CVE-2012-3847?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2012-3847?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST