CVSS: 9.3EPSS: 3%CPEs: 3EXPL: 0CVE-2011-2962
https://notcve.org/view.php?id=CVE-2011-2962
Multiple stack-based buffer overflows in Invensys Wonderware Information Server 3.1, 4.0, and 4.0 SP1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via two unspecified ActiveX controls. Múltiples desbordamientos de búfer basado en la pila en Invensys Wonderware Information Server v3.1, v4.0 y v4.0 SP1 permiten a atacantes remotos causar una denegación de servicio (caída de la aplicación) y posiblemente ejecutar código de su elección a través de dos controles ActiveX no especificados. • http://secunia.com/advisories/45476 http://www.securityfocus.com/bid/48976 http://www.us-cert.gov/control_systems/pdf/ICSA-11-195-01.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/68988 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •