Vulnerability Details CVE-2011-1918
Stack-based buffer overflow in the Data Archiver service in GE Intelligent Platforms Proficy Historian before 3.5 SIM 17 and 4.x before 4.0 SIM 12 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message traffic.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.9%
CVSS Severity
CVSS v2 Score 10.0
References
- http://ics-cert.us-cert.gov/advisories/ICSA-11-243-03A
- http://www.securityfocus.com/bid/50475
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-243-03.pdf
- http://ics-cert.us-cert.gov/advisories/ICSA-11-243-03A
- http://www.securityfocus.com/bid/50475
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-243-03.pdf
Products affected by CVE-2011-1918
-
cpe:2.3:a:ge:intelligent_platforms_proficy_historian:1.0
-
cpe:2.3:a:ge:intelligent_platforms_proficy_historian:2.0
-
cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.0
-
cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.1
-
cpe:2.3:a:ge:intelligent_platforms_proficy_historian:3.5
-
cpe:2.3:a:ge:intelligent_platforms_proficy_historian:4.0