Test Kennung:	1.3.6.1.4.1.25623.1.0.902376
Kategorie:	Buffer overflow
Titel:	InduSoft Products Multiple Buffer overflow Vulnerabilities
Zusammenfassung:	Indusoft products is prone to a buffer overflow vulnerability.
Beschreibung:	Summary: Indusoft products is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw exists due to a buffer overflow error in the ISSymbol ActiveX control (ISSymbol.ocx) when processing an overly long 'InternationalOrder', 'InternationalSeparator', 'bstrFileName' or 'LogFileName' property, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code. Affected Software/OS: InduSoft Thin Client version 7.0 InduSoft Web Studio version before 7.0 SP1 Solution: Install the hotfix CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0340 BugTraq ID: 47596 http://www.securityfocus.com/bid/47596 http://ics-cert.us-cert.gov/advisories/ICSA-12-249-03 http://secunia.com/secunia_research/2011-36/ http://secunia.com/secunia_research/2011-37/ http://www.us-cert.gov/control_systems/pdf/ICSA-12-137-02.pdf http://secunia.com/advisories/42928 http://secunia.com/advisories/43116 http://www.vupen.com/english/advisories/2011/1115 http://www.vupen.com/english/advisories/2011/1116
Copyright	Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.