Lucene search

[email protected]NVD:CVE-2011-3330

HistoryNov 04, 2011 - 9:55 p.m.

CVE-2011-3330

2011-11-0421:55:03

CWE-119

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.4%

JSON

Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 and earlier, Monitor Pro 7.6 and earlier, and PL7 Pro 4.5 and earlier, allows local users, and possibly remote attackers, to execute arbitrary code via an unspecified system parameter.

Affected configurations

NVD

Node

schneider-electricmonitor_proRange≤7.6

schneider-electricopc_factory_serverRange≤3.34

schneider-electricpl7_proRange≤4.5sp5

schneider-electrictelemecanique_driver_packRange≤2.6

schneider-electricunity_proRange≤6.0

schneider-electricvijeo_citectRange≤7.20

References

secunia.com/advisories/46534

www.scada.schneider-electric.com/sites/scada/en/login/vijeo-citect-unitelway-windows-device-driver.page

www.securityfocus.com/bid/50319

www.securitytracker.com/id?1026234

www.us-cert.gov/control_systems/pdf/ICSA-11-277-01.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/70882

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.4%

JSON

Related for NVD:CVE-2011-3330

nessus2 cvelist1 ics1 prion1 cve1