Lucene search

K
cve[email protected]CVE-2011-1564
HistoryApr 05, 2011 - 3:19 p.m.

CVE-2011-1564

2011-04-0515:19:35
CWE-189
web.nvd.nist.gov
21
cve-2011-1564
integer overflows
datac realflex realwin
remote code execution
buffer overflow
security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.13 Low

EPSS

Percentile

95.5%

Multiple integer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6.1.10.10) and earlier allow remote attackers to execute arbitrary code via crafted (1) On_FC_MISC_FCS_MSGBROADCAST and (2) On_FC_MISC_FCS_MSGSEND packets, which trigger a heap-based buffer overflow.

Affected configurations

NVD
Node
realflexrealwinRange2.1
OR
realflexrealwinMatch1.06
OR
realflexrealwinMatch2.0

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.13 Low

EPSS

Percentile

95.5%

Related for CVE-2011-1564