ghsa-3gp6-fj2v-m5f7
Vulnerability from github
Published
2022-05-17 01:53
Modified
2022-05-17 01:53
Details
Heap-based buffer overflow in the Siemens WinCC Runtime Advanced Loader, as used in SIMATIC WinCC flexible Runtime and SIMATIC WinCC (TIA Portal) Runtime Advanced, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted packet to TCP port 2308.
{ "affected": [], "aliases": [ "CVE-2011-3321" ], "database_specific": { "cwe_ids": [ "CWE-119" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2011-09-16T12:35:00Z", "severity": "HIGH" }, "details": "Heap-based buffer overflow in the Siemens WinCC Runtime Advanced Loader, as used in SIMATIC WinCC flexible Runtime and SIMATIC WinCC (TIA Portal) Runtime Advanced, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted packet to TCP port 2308.", "id": "GHSA-3gp6-fj2v-m5f7", "modified": "2022-05-17T01:53:42Z", "published": "2022-05-17T01:53:42Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3321" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69803" }, { "type": "WEB", "url": "http://cache.automation.siemens.com/dnl/jI/jI0NDY5AAAA_29054992_FAQ/Siemens_Security_Advisory_SSA-460621_V1_2.pdf" }, { "type": "WEB", "url": "http://secunia.com/advisories/46011" }, { "type": "WEB", "url": "http://support.automation.siemens.com/WW/view/en/29054992" }, { "type": "WEB", "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-244-01.pdf" } ], "schema_version": "1.4.0", "severity": [] }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.