Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4535

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2011-4535
Last Modified 03 Apr 2012 12:00:00
Published 02 Apr 2012 11:44:36
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-4535

Summary

Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and earlier, ScadaTEC ModbusTagServer 4.1.1.81 and earlier, and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP file.

Vulnerable Systems

Application

  • Craig Peterson Turbopower Abbrevia 3.05

  • Scadatec Modbustagserver 4.1.1.81

  • Scadatec Scadaphone 5.3.11.1230


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-11-362-01.pdf

MISC - http://sourceforge.net/projects/tpabbrevia/files/Abbrevia%204.0.zip/download


Last Updated: 27 May 2016 10:56:28