Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0657

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2013-0657
Last Modified 23 Jan 2013 12:00:00
Published 21 Jan 2013 11:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-0657

Summary

Stack-based buffer overflow in Schneider Electric Interactive Graphical SCADA System (IGSS) 10 and earlier allows remote attackers to execute arbitrary code by sending TCP port-12397 data that does not comply with a protocol.

Vulnerable Systems

Application

  • Schneider-electric Interactive Graphical Scada System 10.0

  • Schneider-electric Interactive Graphical Scada System 9.0


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-13-018-01.pdf

CONFIRM - http://igss.schneider-electric.com/igss/igssupdates/v90/progupdatesv90.zip

CONFIRM - http://igss.schneider-electric.com/igss/igssupdates/v100/progupdatesv100.zip


Last Updated: 27 May 2016 10:51:50