Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4055

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-4055
Last Modified 27 Nov 2012 11:30:43
Published 07 Jan 2012 07:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-4055

Summary

Buffer overflow in the WebClient ActiveX control in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to execute arbitrary code via a long string in a parameter associated with the location URL.

Vulnerable Systems

Application

  • Siemens Tecnomatix Factorylink 6.6.1

  • Siemens Tecnomatix Factorylink 7.5.217

  • Siemens Tecnomatix Factorylink 8.0.2.54


References

CONFIRM - http://www.usdata.com/sea/factorylink/en/p_nav5.asp

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-11-343-01.pdf

XF - siemens-tecnomatix-bo(72117)

BID - 51266


Last Updated: 27 May 2016 10:58:01