CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-3489

RnaUtility.dll in RsvcHost.exe 2.30.0.23 in Rockwell RSLogix 19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted rna packet with a long string to TCP port 4446 that triggers (1) "a memset zero overflow" or (2) an out-of-bounds read, related to improper handling of a 32-bit size field.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.8%

CVSS Severity

CVSS v2 Score 5.0

References

http://aluigi.altervista.org/adv/rslogix_1-adv.txt
http://securityreason.com/securityalert/8383
http://www.securityfocus.com/bid/49608
https://exchange.xforce.ibmcloud.com/vulnerabilities/69808
http://aluigi.altervista.org/adv/rslogix_1-adv.txt
http://securityreason.com/securityalert/8383
http://www.securityfocus.com/bid/49608
https://exchange.xforce.ibmcloud.com/vulnerabilities/69808

Products affected by CVE-2011-3489

Rockwellautomation » Rslogix » Version: N/A

cpe:2.3:a:rockwellautomation:rslogix:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-3489

Products

Pricing

Contact Us