Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2960

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-2960
Last Modified 01 Aug 2011 12:00:00
Published 29 Jul 2011 03:55:04
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-2960

Summary

Heap-based buffer overflow in httpsvr.exe 6.0.5.3 in Sunway ForceControl 6.1 SP1, SP2, and SP3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted URL.

Vulnerable Systems

Application

  • Sunwayland Forcecontrol 6.1


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-11-167-01.pdf

CONFIRM - http://www.sunwayland.com.cn/news_info_.asp?Nid=3593

OSVDB - 73124

MISC - http://www.cnvd.org.cn/vulnerability/CNVD-2011-05347

SECTRACK - 1025672

SECUNIA - 45033


Last Updated: 27 May 2016 10:57:13