Lucene search

[email protected]CVE-2007-4827

HistorySep 19, 2007 - 6:17 p.m.

CVE-2007-4827

2007-09-1918:17:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-4827

modbus/tcp

minihmi.exe

automated solutions

modbus slave

activex control

heap corruption

arbitrary code execution

remote attack

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.339 Low

EPSS

Percentile

97.0%

JSON

Unspecified vulnerability in the Modbus/TCP Diagnostic function in MiniHMI.exe for the Automated Solutions Modbus Slave ActiveX Control before 1.5 allows remote attackers to corrupt the heap and possibly execute arbitrary code via malformed Modbus requests to TCP port 502.

CPENameOperatorVersion
automated_solutions:modbus_slave_activex_controlautomated solutions modbus slave activex controlle1.4

CPE	Name	Operator	Version
automated_solutions:modbus_slave_activex_control	automated solutions modbus slave activex control	le	1.4

References

dvlabs.tippingpoint.com/advisory/TPTI-07-15

osvdb.org/38259

www.automatedsolutions.com/pub/asmbslv/ReadMe.htm

www.kb.cert.org/vuls/id/981849

www.nessus.org/plugins/index.php?view=single&id=26066

www.securityfocus.com/archive/1/479967/100/0/threaded

www.securityfocus.com/bid/25713

www.securitytracker.com/id?1018707

exchange.xforce.ibmcloud.com/vulnerabilities/36677

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.339 Low

EPSS

Percentile

97.0%

JSON

Related for CVE-2007-4827

cert1 securityvulns2 prion1