Lucene search

3ssoftware Security Vulnerabilities

cve

CVE-2011-5058

The CmbWebserver.dll module of the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attackers to create arbitrary directories under the web root by specifying a non-existent directory using \ (backslash) characters in an HTTP GET...

7.1AI Score

0.024EPSS

2012-01-10 11:55 PM

cve

CVE-2011-5007

Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and earlier, as used on the ABB AC500 PLC and possibly other products, allows remote attackers to execute arbitrary code via a long URI to TCP port...

8AI Score

0.73EPSS

2011-12-25 01:55 AM

106

cve

CVE-2011-5008

Integer overflow in the GatewayService component in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attackers to execute arbitrary code via a large size value in the packet header, which triggers a heap-based buffer...

8.2AI Score

0.458EPSS

2011-12-25 01:55 AM

cve

CVE-2011-5009

The CmpWebServer.dll module in the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attackers to cause a denial of service (NULL pointer dereference) via (1) a crafted Content-Length in an HTTP POST or (2) an invalid HTTP request...

6.8AI Score

0.068EPSS

2011-12-25 01:55 AM