| ID |
CVE-2011-1564
|
| Summary |
Multiple integer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6.1.10.10) and earlier allow remote attackers to execute arbitrary code via crafted (1) On_FC_MISC_FCS_MSGBROADCAST and (2) On_FC_MISC_FCS_MSGSEND packets, which trigger a heap-based buffer overflow. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:realflex:realwin:1.06:*:*:*:*:*:*:*
cpe:2.3:a:realflex:realwin:1.06:*:*:*:*:*:*:*
-
cpe:2.3:a:realflex:realwin:2.0:*:*:*:*:*:*:*
cpe:2.3:a:realflex:realwin:2.0:*:*:*:*:*:*:*
-
cpe:2.3:a:realflex:realwin:2.1:*:*:*:*:*:*:*
cpe:2.3:a:realflex:realwin:2.1:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 10.0 (as of 22-09-2011 - 03:30) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-189 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
| refmap
via4
|
| bid | 46937 | | exploit-db | 17025 | | misc | | | secunia | 43848 | | sreason | 8177 | | vupen | ADV-2011-0742 |
|
| saint
via4
|
| bid | 46937 | | description | RealFlex RealWin FC_RFUSER_FCS_LOGIN Buffer Overflow | | title | datac_realwin_fcrfuserfcslogin | | type | remote |
| bid | 46937 | | description | RealFlex RealWin FC_SCRIPT_FCS_STARTPROG Buffer Overflow | | title | datac_realwin_fcscriptfcsstartprog | | type | remote |
| bid | 46937 | | description | DATAC RealWin SCADA Server TAG function stack overflow | | title | datac_realwin_tag_overflow | | type | remote |
|
| Last major update |
22-09-2011 - 03:30 |
| Published |
05-04-2011 - 15:19 |
| Last modified |
22-09-2011 - 03:30 |
