github - ghsa-w53j-c547-g9gf

ghsa-w53j-c547-g9gf

Vulnerability from github

Published

2022-05-17 05:09

Modified

2022-05-17 05:09

Details

Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 301.1009.2904.0 in the ISSymbol virtual machine, as distributed in Advantech Studio 6.1 SP6 61.6.01.05, InduSoft Web Studio before 7.0+SP1, and InduSoft Thin Client 7.0, allow remote attackers to execute arbitrary code via a long (1) InternationalOrder, (2) InternationalSeparator, or (3) LogFileName property value; or (4) a long bstrFileName argument to the OpenScreen method.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-0340"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-05-04T22:55:00Z",
    "severity": "HIGH"
  },
  "details": "Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 301.1009.2904.0 in the ISSymbol virtual machine, as distributed in Advantech Studio 6.1 SP6 61.6.01.05, InduSoft Web Studio before 7.0+SP1, and InduSoft Thin Client 7.0, allow remote attackers to execute arbitrary code via a long (1) InternationalOrder, (2) InternationalSeparator, or (3) LogFileName property value; or (4) a long bstrFileName argument to the OpenScreen method.",
  "id": "GHSA-w53j-c547-g9gf",
  "modified": "2022-05-17T05:09:38Z",
  "published": "2022-05-17T05:09:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0340"
    },
    {
      "type": "WEB",
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-249-03"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42928"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43116"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/secunia_research/2011-36"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/secunia_research/2011-37"
    },
    {
      "type": "WEB",
      "url": "http://www.advantechdirect.com/eMarketingPrograms/AStudio_Patch/AStudio7.0_Patch_Final.htm"
    },
    {
      "type": "WEB",
      "url": "http://www.indusoft.com/hotfixes/hotfixes.php"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/47596"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-137-02.pdf"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/1115"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/1116"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2011-0340

Vulnerability from cvelistv5

Published

2011-05-04 22:00

Modified

2024-08-06 21:51

Severity

Summary

References

URL	Tags
http://secunia.com/advisories/43116	third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/47596	vdb-entry, x_refsource_BID
http://secunia.com/secunia_research/2011-37/	x_refsource_MISC
http://www.vupen.com/english/advisories/2011/1116	vdb-entry, x_refsource_VUPEN
http://ics-cert.us-cert.gov/advisories/ICSA-12-249-03	x_refsource_MISC
http://secunia.com/advisories/42928	third-party-advisory, x_refsource_SECUNIA
http://www.us-cert.gov/control_systems/pdf/ICSA-12-137-02.pdf	x_refsource_MISC
http://www.vupen.com/english/advisories/2011/1115	vdb-entry, x_refsource_VUPEN
http://www.indusoft.com/hotfixes/hotfixes.php	x_refsource_CONFIRM
http://secunia.com/secunia_research/2011-36/	x_refsource_MISC
http://www.advantechdirect.com/eMarketingPrograms/AStudio_Patch/AStudio7.0_Patch_Final.htm	x_refsource_CONFIRM

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website