Vulnerabilites related to scadatec - scadaphone
Vulnerability from fkie_nvd
Published
2012-04-03 03:44
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and earlier, ScadaTEC ModbusTagServer 4.1.1.81 and earlier, and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| craig_peterson | turbopower_abbrevia | * | |
| scadatec | modbustagserver | * | |
| scadatec | scadaphone | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:craig_peterson:turbopower_abbrevia:*:*:*:*:*:*:*:*",
"matchCriteriaId": "815BD4A7-574B-47BF-AD7C-ABD26411DE44",
"versionEndIncluding": "3.05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:scadatec:modbustagserver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5ADCC6BC-AEAC-4E43-B36B-2B1FF1DBC00B",
"versionEndIncluding": "4.1.1.81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:scadatec:scadaphone:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C41B9C82-D7B1-44EC-A379-01F9EDFCF0F6",
"versionEndIncluding": "5.3.11.1230",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and earlier, ScadaTEC ModbusTagServer 4.1.1.81 and earlier, and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP file."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en TurboPower Abbrevia anteriores a v4.0, como el usado en ScadaTEC ScadaPhone v5.3.11.1230 y anteriores, ScadaTEC ModbusTagServer v4.1.1.81 y anteriores, y otros productos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio, (ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar comandos a trav\u00e9s de un fichero ZIP manipulado."
}
],
"id": "CVE-2011-4535",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-03T03:44:36.117",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/projects/tpabbrevia/files/Abbrevia%204.0.zip/download"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-362-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/projects/tpabbrevia/files/Abbrevia%204.0.zip/download"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-362-01.pdf"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-201204-0010
Vulnerability from variot
Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and earlier, ScadaTEC ModbusTagServer 4.1.1.81 and earlier, and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP file. A failed attack can result in a denial of service. To trigger this vulnerability, you need to trick the target user into loading an object from the zip file. ScadaTEC ModbusTagServer and ScadaPhone are prone to a remote buffer-overflow vulnerability. The following versions are vulnerable: ScadaTEC ScadaPhone 5.3.11.1230 and prior. ScadaTEC ModbusTagServer 4.1.1.81 and prior
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201204-0010",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "modbustagserver",
"scope": "lte",
"trust": 1.8,
"vendor": "scadatec",
"version": "4.1.1.81"
},
{
"model": "scadaphone",
"scope": "lte",
"trust": 1.8,
"vendor": "scadatec",
"version": "5.3.11.1230"
},
{
"model": "modbustagserver",
"scope": "eq",
"trust": 1.5,
"vendor": "scadatec",
"version": "4.1.1.81"
},
{
"model": "scadaphone",
"scope": "eq",
"trust": 1.5,
"vendor": "scadatec",
"version": "5.3.11.1230"
},
{
"model": "turbopower abbrevia",
"scope": "lte",
"trust": 1.0,
"vendor": "craig peterson",
"version": "3.05"
},
{
"model": "turbopower abbrevia",
"scope": "lt",
"trust": 0.8,
"vendor": "turbopower abbrevia",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "turbopower abbrevia",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "modbustagserver",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "scadaphone",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "98702d5c-1f89-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3615"
},
{
"db": "BID",
"id": "49560"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005031"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-008"
},
{
"db": "NVD",
"id": "CVE-2011-4535"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:scadatec:modbustagserver",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:scadatec:scadaphone",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:craig_peterson:turbopower_abbrevia",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-005031"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "mr_me",
"sources": [
{
"db": "BID",
"id": "49560"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-148"
}
],
"trust": 0.9
},
"cve": "CVE-2011-4535",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2011-4535",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "98702d5c-1f89-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-4535",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2011-4535",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201204-008",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "98702d5c-1f89-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "98702d5c-1f89-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005031"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-008"
},
{
"db": "NVD",
"id": "CVE-2011-4535"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and earlier, ScadaTEC ModbusTagServer 4.1.1.81 and earlier, and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP file. A failed attack can result in a denial of service. To trigger this vulnerability, you need to trick the target user into loading an object from the zip file. ScadaTEC ModbusTagServer and ScadaPhone are prone to a remote buffer-overflow vulnerability. \nThe following versions are vulnerable:\nScadaTEC ScadaPhone 5.3.11.1230 and prior. \nScadaTEC ModbusTagServer 4.1.1.81 and prior",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4535"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005031"
},
{
"db": "CNVD",
"id": "CNVD-2011-3615"
},
{
"db": "BID",
"id": "49560"
},
{
"db": "IVD",
"id": "98702d5c-1f89-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-4535",
"trust": 2.9
},
{
"db": "ICS CERT",
"id": "ICSA-11-362-01",
"trust": 2.7
},
{
"db": "BID",
"id": "49560",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2011-3615",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201204-008",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005031",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "104993",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201109-148",
"trust": 0.6
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-11-255-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "98702D5C-1F89-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "98702d5c-1f89-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3615"
},
{
"db": "BID",
"id": "49560"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005031"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-148"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-008"
},
{
"db": "NVD",
"id": "CVE-2011-4535"
}
]
},
"id": "VAR-201204-0010",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "98702d5c-1f89-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3615"
}
],
"trust": 1.4
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "98702d5c-1f89-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3615"
}
]
},
"last_update_date": "2024-11-23T23:02:55.452000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.scadatec.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://tpabbrevia.sourceforge.net/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-005031"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-005031"
},
{
"db": "NVD",
"id": "CVE-2011-4535"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-362-01.pdf"
},
{
"trust": 1.6,
"url": "http://sourceforge.net/projects/tpabbrevia/files/abbrevia%204.0.zip/download"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4535"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4535"
},
{
"trust": 0.6,
"url": "http://packetstormsecurity.org/files/view/104993/scadatec-overflow.txt"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/49560"
},
{
"trust": 0.3,
"url": "http://www.scadatec.com/"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-255-01.pdf"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3615"
},
{
"db": "BID",
"id": "49560"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005031"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-148"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-008"
},
{
"db": "NVD",
"id": "CVE-2011-4535"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "98702d5c-1f89-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3615"
},
{
"db": "BID",
"id": "49560"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005031"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-148"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-008"
},
{
"db": "NVD",
"id": "CVE-2011-4535"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-13T00:00:00",
"db": "IVD",
"id": "98702d5c-1f89-11e6-abef-000c29c66e3d"
},
{
"date": "2011-09-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3615"
},
{
"date": "2011-09-09T00:00:00",
"db": "BID",
"id": "49560"
},
{
"date": "2012-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-005031"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-148"
},
{
"date": "2012-04-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-008"
},
{
"date": "2012-04-03T03:44:36.117000",
"db": "NVD",
"id": "CVE-2011-4535"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3615"
},
{
"date": "2012-01-03T19:10:00",
"db": "BID",
"id": "49560"
},
{
"date": "2012-04-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-005031"
},
{
"date": "2011-09-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201109-148"
},
{
"date": "2012-04-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-008"
},
{
"date": "2024-11-21T01:32:29.790000",
"db": "NVD",
"id": "CVE-2011-4535"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201109-148"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-008"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ScadaTEC ModbusTagServer and ScadaPhone Remote Buffer Overflow Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3615"
},
{
"db": "BID",
"id": "49560"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-148"
}
],
"trust": 1.5
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "98702d5c-1f89-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201109-148"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-008"
}
],
"trust": 1.4
}
}
CVE-2011-4535 (GCVE-0-2011-4535)
Vulnerability from cvelistv5
Published
2012-04-03 01:00
Modified
2024-09-17 00:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and earlier, ScadaTEC ModbusTagServer 4.1.1.81 and earlier, and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.us-cert.gov/control_systems/pdf/ICSA-11-362-01.pdf | x_refsource_MISC | |
| http://sourceforge.net/projects/tpabbrevia/files/Abbrevia%204.0.zip/download | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:09:18.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-362-01.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sourceforge.net/projects/tpabbrevia/files/Abbrevia%204.0.zip/download"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and earlier, ScadaTEC ModbusTagServer 4.1.1.81 and earlier, and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-04-03T01:00:00Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-362-01.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sourceforge.net/projects/tpabbrevia/files/Abbrevia%204.0.zip/download"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-4535",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and earlier, ScadaTEC ModbusTagServer 4.1.1.81 and earlier, and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-362-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-362-01.pdf"
},
{
"name": "http://sourceforge.net/projects/tpabbrevia/files/Abbrevia%204.0.zip/download",
"refsource": "MISC",
"url": "http://sourceforge.net/projects/tpabbrevia/files/Abbrevia%204.0.zip/download"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2011-4535",
"datePublished": "2012-04-03T01:00:00Z",
"dateReserved": "2011-11-22T00:00:00Z",
"dateUpdated": "2024-09-17T00:50:42.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}