Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2530

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-2530
Last Modified 28 Jun 2011 12:00:00
Published 22 Jun 2011 05:55:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2530

Summary

Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware Installation Tool 1.0.5.1 and earlier in Rockwell Automation RSLinx Classic before 2.58 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed .eds file.

Vulnerable Systems

Application

  • Rockwellautomation Eds Hardware Installation Tool 1.0.5.1

  • Rockwellautomation Rslinx Classic 2.43

  • Rockwellautomation Rslinx Classic 2.51

  • Rockwellautomation Rslinx Classic 2.52

  • Rockwellautomation Rslinx Classic 2.53

  • Rockwellautomation Rslinx Classic 2.54

  • Rockwellautomation Rslinx Classic 2.55

  • Rockwellautomation Rslinx Classic 2.56

  • Rockwellautomation Rslinx Classic 2.57


References

CONFIRM - http://www.kb.cert.org/vuls/id/MAPG-8G9PWX

CERT-VN - VU#127584

BID - 48092

CONFIRM - http://rockwellautomation.custhelp.com/app/answers/detail/a_id/279194


Last Updated: 27 May 2016 10:57:02