Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3498

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-3498
Last Modified 23 Sep 2011 12:00:00
Published 16 Sep 2011 01:26:14
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-3498

Summary

Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request.

Vulnerable Systems

Application

  • Progea Movicon Powerhmi 11

  • Progea Movicon Powerhmi 11.0.1017

  • Progea Movicon Powerhmi 11.2.1085


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-01.pdf

XF - movicon-packets-bo(69788)

MISC - http://aluigi.altervista.org/adv/movicon_1-adv.txt


Last Updated: 27 May 2016 10:57:43