CVSS: 9.3EPSS: 0%CPEs: 11EXPL: 0CVE-2011-4053
https://notcve.org/view.php?id=CVE-2011-4053
Untrusted search path vulnerability in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) before 9.0.0.11291 allows local users to gain privileges via a Trojan horse DLL in the current working directory. Una vulnerabilidad de ruta de búsqueda no confiable en 7-Technologies (7T) Interactive Graphical SCADA System (IGSS), antes de v9.0.0.11291 permite a usuarios locales conseguir privilegios a través de un DLL troyano en el directorio de trabajo actual. • http://www.us-cert.gov/control_systems/pdf/ICSA-11-353-01.pdf •
CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 0CVE-2011-4537
https://notcve.org/view.php?id=CVE-2011-4537
Multiple buffer overflows in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.11355 and earlier allow remote attackers to execute arbitrary code or cause a denial of service via a crafted packet to TCP port (1) 12397 or (2) 12399. Múltiples desbordamientos de búfer en 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) v9.0.0.11355 y anteriores permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio a través de un paquete manipulado del puerto TCP (1) 12397 o (2) 12399. • http://www.osvdb.org/77977 http://www.us-cert.gov/control_systems/pdf/ICSA-11-355-01-7.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/71931 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 4%CPEs: 1EXPL: 0CVE-2011-4050 – 7-Technologies IGSS 9 IGSSdataServer.exe Denial Of Service
https://notcve.org/view.php?id=CVE-2011-4050
Buffer overflow in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) 9.0.0.11200 allows remote attackers to cause a denial of service via a crafted packet to TCP port 12401. Desbordamiento de búfer en 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) v9.0.0.11200 permite a atacantes remotos provocar una denegación de servicio a través de paquetes manipulados en el puerto TCP 12401. The 7-Technologies SCADA IGSS Data Server (IGSSdataServer.exe) versions 9.0.0.10306 and below can be brought down by sending a crafted TCP packet to port 12401. • http://www.osvdb.org/77976 http://www.us-cert.gov/control_systems/pdf/ICSA-11-335-01.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/71915 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2011-3339
https://notcve.org/view.php?id=CVE-2011-3339
Cross-site scripting (XSS) vulnerability in the Admin Control Center in Sentinel HASP Run-time Environment 5.95 and earlier in SafeNet Sentinel HASP (formerly Aladdin HASP SRM) run-time installer before 6.x and SDK before 5.11, as used in 7 Technologies (7T) IGSS 7 and other products, when Firefox 2.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger write access to a configuration file. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el "Admin Control Center" de Sentinel HASP Run-time Environment 5.95 y versiones anteriores de SafeNet Sentinel HASP (anteriormente Aladdin HASP SRM) run-time installer en versiones anteriores a 6.x y SDK anteriores a 5.11, tal como se utiliza en 7 Technologies (7T) IGSS 7 y otros productos, si Firefox 2.0 es utilizado, permite a atacantes remotos inyectar codigo de script web o código HTML de su elección a través de vectores desconocidos que provocan el acceso de escritura al archivo de configuración. • http://www.safenet-inc.com/support-downloads/sentinel-drivers/CVE-2011-3339 http://www.securityfocus.com/bid/51028 http://www.us-cert.gov/control_systems/pdf/ICSA-11-314-01.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/71789 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 4%CPEs: 9EXPL: 0CVE-2011-2959
https://notcve.org/view.php?id=CVE-2011-2959
Stack-based buffer overflow in the Open Database Connectivity (ODBC) service (Odbcixv9se.exe) in 7-Technologies Interactive Graphical SCADA System (IGSS) 9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to TCP port 22202. Desbordamiento de búfer basado en pila en el servicio ODBC - Open Database Connectivity (Odbcixv9se.exe) en 7-Technologies Interactive Graphical SCADA System (IGSS) v9 y anteriores permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) y posiblemente ejecutar código de su elección a través de un paquete especialmente modificado contra el puerto TCP 22202. • http://secunia.com/advisories/44345 http://www.insomniasec.com/advisories/ISVA-110427.1.htm http://www.osvdb.org/72117 http://www.us-cert.gov/control_systems/pdf/ICSA-11-119-01.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •