Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1919

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-1919
Last Modified 17 Nov 2011 12:00:00
Published 02 Nov 2011 01:55:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-1919

Summary

Multiple stack-based buffer overflows in GE Intelligent Platforms Proficy Applications before 4.4.1 SIM 101 and 5.x before 5.0 SIM 43 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message traffic to (1) PRProficyMgr.exe in Proficy Server Manager, (2) PRGateway.exe in Proficy Server Gateway, (3) PRRDS.exe in Proficy Remote Data Service, or (4) PRLicenseMgr.exe in Proficy Server License Manager.

Vulnerable Systems

Application

  • Intelligent Platforms Proficy Historian 4.0

  • Intelligent Platforms Proficy Historian 4.4.1

  • Intelligent Platforms Proficy Historian 5.0


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-11-243-01.pdf

BID - 50474


Last Updated: 27 May 2016 10:56:52