2 matches found
CVE-2011-5008
CVE-2011-5008 is an integer overflow in the GatewayService of 3S CoDeSys (versions affected: CoDeSys 2.3 and 3.4; patched in V3.5 and V2.3.9.32). A large size value in the packet header enables remote attackers to trigger a heap-based buffer overflow and potentially execute arbitrary code. Attack...
CVE-2011-5007
Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and earlier, as used on the ABB AC500 PLC and possibly other products, allows remote attackers to execute arbitrary code via a long URI to TCP port 8080...