CVE-2011-1919

Опубликовано: 02 нояб. 2011

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

Multiple stack-based buffer overflows in GE Intelligent Platforms Proficy Applications before 4.4.1 SIM 101 and 5.x before 5.0 SIM 43 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message traffic to (1) PRProficyMgr.exe in Proficy Server Manager, (2) PRGateway.exe in Proficy Server Gateway, (3) PRRDS.exe in Proficy Remote Data Service, or (4) PRLicenseMgr.exe in Proficy Server License Manager.

Ссылки

http://www.securityfocus.com/bid/50474
http://www.us-cert.gov/control_systems/pdf/ICSA-11-243-01.pdf
US Government Resource
http://www.securityfocus.com/bid/50474
http://www.us-cert.gov/control_systems/pdf/ICSA-11-243-01.pdf
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ge:intelligent_platforms_proficy_historian:*:*:*:*:*:*:*:*

Версия до 4.4.1 (включая)

cpe:2.3:a:ge:intelligent_platforms_proficy_historian:4.0:*:*:*:*:*:*:*

cpe:2.3:a:ge:intelligent_platforms_proficy_historian:5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01015

Низкий

10 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-896g-v7p4-g9hv

github

больше 3 лет назад