var-201105-0286
Vulnerability from variot
Unspecified vulnerability in the Open Database Connectivity (ODBC) component in 7T Interactive Graphical SCADA System (IGSS) before 9.0.0.11143 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 20222, which triggers memory corruption related to an "invalid structure being used.". The 7T Interactive Graphical SCADA System is an automated monitoring and control system. Using an illegal structure can result in an exploitable condition that can successfully execute arbitrary code in the application context. Successfully exploiting this issue will completely compromise an affected computer. Failed exploit attempts will result in a denial-of-service condition. Versions prior to Interactive Graphical SCADA System 9.0.0.11143 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201105-0286",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "igss",
"scope": "eq",
"trust": 1.6,
"vendor": "7t",
"version": "8"
},
{
"model": "igss",
"scope": "eq",
"trust": 1.6,
"vendor": "7t",
"version": "9"
},
{
"model": "igss",
"scope": "lte",
"trust": 1.0,
"vendor": "7t",
"version": "9.0.0.11129"
},
{
"model": "interactive graphical scada system",
"scope": "eq",
"trust": 0.9,
"vendor": "7",
"version": "8"
},
{
"model": "interactive graphical scada system",
"scope": "eq",
"trust": 0.9,
"vendor": "7",
"version": "9"
},
{
"model": "interactive graphical scada system",
"scope": "eq",
"trust": 0.9,
"vendor": "7",
"version": "9.0.0.11129"
},
{
"model": "interactive graphical scada system",
"scope": "lt",
"trust": 0.8,
"vendor": "7",
"version": "9.0.0.11143"
},
{
"model": "igss",
"scope": "eq",
"trust": 0.6,
"vendor": "7t",
"version": "9.0.0.11129"
},
{
"model": "interactive graphical scada system",
"scope": "eq",
"trust": 0.3,
"vendor": "7",
"version": "0"
},
{
"model": "interactive graphical scada system",
"scope": "ne",
"trust": 0.3,
"vendor": "7",
"version": "9.0.0.11143"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "igss",
"version": "8"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "igss",
"version": "9"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "igss",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "8bd5a710-1f94-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1968"
},
{
"db": "BID",
"id": "47960"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004675"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-300"
},
{
"db": "NVD",
"id": "CVE-2011-2214"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:7t:igss",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004675"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sebastien Renaud of VUPEN Security",
"sources": [
{
"db": "BID",
"id": "47960"
}
],
"trust": 0.3
},
"cve": "CVE-2011-2214",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-2214",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "8bd5a710-1f94-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-2214",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-2214",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201105-300",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "8bd5a710-1f94-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "8bd5a710-1f94-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004675"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-300"
},
{
"db": "NVD",
"id": "CVE-2011-2214"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the Open Database Connectivity (ODBC) component in 7T Interactive Graphical SCADA System (IGSS) before 9.0.0.11143 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 20222, which triggers memory corruption related to an \"invalid structure being used.\". The 7T Interactive Graphical SCADA System is an automated monitoring and control system. Using an illegal structure can result in an exploitable condition that can successfully execute arbitrary code in the application context. Successfully exploiting this issue will completely compromise an affected computer. Failed exploit attempts will result in a denial-of-service condition. \nVersions prior to Interactive Graphical SCADA System 9.0.0.11143 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2214"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004675"
},
{
"db": "CNVD",
"id": "CNVD-2011-1968"
},
{
"db": "BID",
"id": "47960"
},
{
"db": "IVD",
"id": "8bd5a710-1f94-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2214",
"trust": 2.9
},
{
"db": "BID",
"id": "47960",
"trust": 2.5
},
{
"db": "SREASON",
"id": "8265",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2011-1968",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201105-300",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004675",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20110524 VUPEN SECURITY RESEARCH - 7T INTERACTIVE GRAPHICAL SCADA SYSTEM (IGSS) REMOTE MEMORY CORRUPTION",
"trust": 0.6
},
{
"db": "IVD",
"id": "8BD5A710-1F94-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "8bd5a710-1f94-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1968"
},
{
"db": "BID",
"id": "47960"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004675"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-300"
},
{
"db": "NVD",
"id": "CVE-2011-2214"
}
]
},
"id": "VAR-201105-0286",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "8bd5a710-1f94-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1968"
}
],
"trust": 1.46741073
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "8bd5a710-1f94-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1968"
}
]
},
"last_update_date": "2024-11-23T22:27:40.769000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.igss.com/index.htm"
},
{
"title": "7T Interactive Graphical SCADA System System ODBC Message Remote Memory Corruption Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/3936"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-1968"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004675"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2214"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/47960"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/518110/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://securityreason.com/securityalert/8265"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2214"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2214"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/518110"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/518110/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.igss.com/"
},
{
"trust": 0.3,
"url": "/archive/1/518110"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-1968"
},
{
"db": "BID",
"id": "47960"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004675"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-300"
},
{
"db": "NVD",
"id": "CVE-2011-2214"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "8bd5a710-1f94-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1968"
},
{
"db": "BID",
"id": "47960"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004675"
},
{
"db": "CNNVD",
"id": "CNNVD-201105-300"
},
{
"db": "NVD",
"id": "CVE-2011-2214"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-05-25T00:00:00",
"db": "IVD",
"id": "8bd5a710-1f94-11e6-abef-000c29c66e3d"
},
{
"date": "2011-05-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1968"
},
{
"date": "2011-05-24T00:00:00",
"db": "BID",
"id": "47960"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004675"
},
{
"date": "2011-05-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201105-300"
},
{
"date": "2011-05-31T20:55:05.297000",
"db": "NVD",
"id": "CVE-2011-2214"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-05-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1968"
},
{
"date": "2015-04-13T21:01:00",
"db": "BID",
"id": "47960"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004675"
},
{
"date": "2011-06-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201105-300"
},
{
"date": "2024-11-21T01:27:49.883000",
"db": "NVD",
"id": "CVE-2011-2214"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201105-300"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "7T Interactive Graphical SCADA System system ODBC Message Remote Memory Corruption Vulnerability",
"sources": [
{
"db": "IVD",
"id": "8bd5a710-1f94-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1968"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201105-300"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…