CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-4535

Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and earlier, ScadaTEC ModbusTagServer 4.1.1.81 and earlier, and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ZIP file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.744

EPSS Ranking 98.8%

CVSS Severity

CVSS v2 Score 6.8

References

http://sourceforge.net/projects/tpabbrevia/files/Abbrevia%204.0.zip/download
http://www.us-cert.gov/control_systems/pdf/ICSA-11-362-01.pdf
http://sourceforge.net/projects/tpabbrevia/files/Abbrevia%204.0.zip/download
http://www.us-cert.gov/control_systems/pdf/ICSA-11-362-01.pdf

Products affected by CVE-2011-4535

Craig Peterson » Turbopower Abbrevia » Version: 3.05

cpe:2.3:a:craig_peterson:turbopower_abbrevia:3.05
Scadatec » Modbustagserver » Version: 4.1.1.81

cpe:2.3:a:scadatec:modbustagserver:4.1.1.81
Scadatec » Scadaphone » Version: 5.3.11.1230

cpe:2.3:a:scadatec:scadaphone:5.3.11.1230

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-4535

Products

Pricing

Contact Us