Lucene search

[email protected]NVD:CVE-2011-2089

HistoryMay 13, 2011 - 5:05 p.m.

CVE-2011-2089

2011-05-1317:05:45

CWE-119

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.508 Medium

EPSS

Percentile

97.5%

JSON

Stack-based buffer overflow in the SetActiveXGUID method in the VersionInfo ActiveX control in GenVersion.dll 8.0.138.0 in the WebHMI subsystem in ICONICS BizViz 9.x before 9.22 and GENESIS32 9.x before 9.22 allows remote attackers to execute arbitrary code via a long string in the argument. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

iconicsbizvizMatch9.0

iconicsbizvizMatch9.01

iconicsbizvizMatch9.1

iconicsbizvizMatch9.2

iconicsbizvizMatch9.13

iconicsbizvizMatch9.20

iconicsbizvizMatch9.21

Node

iconicsgenesis32Match9.0

iconicsgenesis32Match9.1

iconicsgenesis32Match9.01

iconicsgenesis32Match9.2

iconicsgenesis32Match9.13

iconicsgenesis32Match9.20

iconicsgenesis32Match9.21

References

secunia.com/advisories/44417

www.exploit-db.com/exploits/17240

www.exploit-db.com/exploits/17269

www.osvdb.org/72135

www.security-assessment.com/files/documents/advisory/ICONICS_WebHMI.pdf

www.securityfocus.com/bid/47704

www.us-cert.gov/control_systems/pdf/ICSA-11-131-01.pdf

www.vupen.com/english/advisories/2011/1174

exchange.xforce.ibmcloud.com/vulnerabilities/67267

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

High

0.508 Medium

EPSS

Percentile

97.5%

JSON

Related for NVD:CVE-2011-2089

prion1 cvelist1 checkpoint_advisories1 cve1