ID

VAR-201105-0156


CVE

CVE-2011-0340


TITLE

ISSymbol Virtual machine ISSymbol ActiveX Control buffer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2011-004090

DESCRIPTION

Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 301.1009.2904.0 in the ISSymbol virtual machine, as distributed in Advantech Studio 6.1 SP6 61.6.01.05, InduSoft Web Studio before 7.0+SP1, and InduSoft Thin Client 7.0, allow remote attackers to execute arbitrary code via a long (1) InternationalOrder, (2) InternationalSeparator, or (3) LogFileName property value; or (4) a long bstrFileName argument to the OpenScreen method. Overly long to method bstrFileName argument. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Indusoft Thin Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within ISSymbol.ocx ActiveX component. When an overly large string is passed as the 'InternationalOrder' parameter, a heap overflow occurs. This vulnerability can be leveraged to execute code under the context of the user running the browser. InduSoft Web Studio is a powerful and complete graphics control software that includes the various functional modules required to develop Human Machine Interface (HMI), Management Control, Data Acquisition System (SCADA) and embedded control. The Advantech Studio ISSymbol ActiveX control handles boundary errors in the \"InternationalSeparator\" property. The Advantech Studio ISSymbol ActiveX control is prone to multiple buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied input. Failed exploit attempts will likely result in denial-of-service conditions. Advantech Studio 6.1 SP6 Build 61.6.01.05 is vulnerable; other versions may also be affected. There are multiple buffer overflow vulnerabilities in InduSoft ISSymbol ActiveX control 6.1 SP6 Build 61.6.01.05 (ISSymbol.ocx 61.6.0.0) and other versions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-155 : InduSoft Thin Client ISSymbol InternationalOrder Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-155 August 22, 2012 - -- CVE ID: CVE-2011-0340 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Indusoft - -- Affected Products: Indusoft WebStudio - -- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 12505. - -- Vendor Response: Indusoft has issued an update to correct this vulnerability. More details can be found at: http://www.indusoft.com/hotfixes/hotfixes.php - -- Disclosure Timeline: 2011-10-28 - Vulnerability reported to vendor 2012-08-22 - Coordinated public release of advisory - -- Credit: This vulnerability was discovered by: * Alexander Gavrun - -- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities. Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at: http://www.zerodayinitiative.com The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. Our vulnerability disclosure policy is available online at: http://www.zerodayinitiative.com/advisories/disclosure_policy/ Follow the ZDI on Twitter: http://twitter.com/thezdi -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 1950) Charset: utf-8 wsBVAwUBUDUFHFVtgMGTo1scAQJ1Twf8C0MRiovFv7JVpAgg+lOYT3HW7MYdUKAx /I+4hvkGyeKKCCkvIOkx0y7eSdwp4paxVZAd0WYTfsG0K1h+bBngt6m+3Nicx0Iq YuqyOluJTW4ymXUSwvX8MZ39709DQXEl5yp9JvIX+Dc4WY7TKauGYKIfbb/VRMQq VYgQPhnlv8laGORlVREpu+yrOPdYLbQSucewpaLXd4b8uw1+Kmurjepiil5vxqPD G3fD23i1jGrbg6aX0AlvECo1M12alERft7wjtI21D7VP7G3uBYwiAJ8jxutavMQY Yf5K6rzdbx+96MuFco7aYB49GBQDpMYvWeWur3YEv1GqR7bSotpO1Q== =Yxrq -----END PGP SIGNATURE-----

Trust: 6.3

sources: NVD: CVE-2011-0340 // JVNDB: JVNDB-2011-004090 // ZDI: ZDI-12-155 // ZDI: ZDI-12-168 // CNVD: CNVD-2011-1637 // CNVD: CNVD-2011-1636 // CNVD: CNVD-2011-1634 // CNVD: CNVD-2011-1635 // BID: 47596 // IVD: 03126d9a-2355-11e6-abef-000c29c66e3d // IVD: 0a3c1e31-e21b-43a6-bc03-7b31c6d49349 // IVD: b3a31758-1f96-11e6-abef-000c29c66e3d // IVD: d282dd20-1f96-11e6-abef-000c29c66e3d // VULHUB: VHN-48285 // PACKETSTORM: 115995 // PACKETSTORM: 115807

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 3.2

sources: IVD: 03126d9a-2355-11e6-abef-000c29c66e3d // IVD: 0a3c1e31-e21b-43a6-bc03-7b31c6d49349 // IVD: b3a31758-1f96-11e6-abef-000c29c66e3d // IVD: d282dd20-1f96-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-1637 // CNVD: CNVD-2011-1636 // CNVD: CNVD-2011-1634 // CNVD: CNVD-2011-1635

AFFECTED PRODUCTS

vendor:indusoftmodel:thin clientscope:eqversion:7.0

Trust: 3.7

vendor:indusoftmodel:web studio 7.0b2scope: - version: -

Trust: 2.7

vendor:advantechmodel:studio sp6 buildscope:eqversion:6.161.6.0

Trust: 2.7

vendor:web studiomodel: - scope:eqversion:6.1

Trust: 1.6

vendor:indusoftmodel:web studioscope:eqversion:6.1

Trust: 1.6

vendor:indusoftmodel:webstudioscope: - version: -

Trust: 1.4

vendor:indusoftmodel:web studioscope:lteversion:7.0

Trust: 1.0

vendor:advantechmodel:studioscope:eqversion:6.1

Trust: 1.0

vendor:advantech studiomodel: - scope:eqversion:6.1

Trust: 0.8

vendor:thin clientmodel: - scope:eqversion:7.0

Trust: 0.8

vendor:web studiomodel: - scope:eqversion:*

Trust: 0.8

vendor:schneider electricmodel:indusoft web studioscope:ltversion:7.0+sp1

Trust: 0.8

vendor:schneider electricmodel:thin clientscope:eqversion:7.0

Trust: 0.8

vendor:advantechmodel:studioscope:eqversion:6.1:sp6_61.6.01.05

Trust: 0.8

vendor:indusoftmodel:web studioscope:neversion:7.0.104

Trust: 0.3

vendor:advantechmodel:studioscope:neversion:7.0

Trust: 0.3

sources: IVD: 03126d9a-2355-11e6-abef-000c29c66e3d // IVD: 0a3c1e31-e21b-43a6-bc03-7b31c6d49349 // IVD: b3a31758-1f96-11e6-abef-000c29c66e3d // IVD: d282dd20-1f96-11e6-abef-000c29c66e3d // ZDI: ZDI-12-155 // ZDI: ZDI-12-168 // CNVD: CNVD-2011-1637 // CNVD: CNVD-2011-1636 // CNVD: CNVD-2011-1634 // CNVD: CNVD-2011-1635 // BID: 47596 // JVNDB: JVNDB-2011-004090 // CNNVD: CNNVD-201104-318 // NVD: CVE-2011-0340

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: CVE-2011-0340
value: HIGH

Trust: 1.4

nvd@nist.gov: CVE-2011-0340
value: HIGH

Trust: 1.0

NVD: CVE-2011-0340
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201104-318
value: CRITICAL

Trust: 0.6

IVD: 03126d9a-2355-11e6-abef-000c29c66e3d
value: CRITICAL

Trust: 0.2

IVD: 0a3c1e31-e21b-43a6-bc03-7b31c6d49349
value: CRITICAL

Trust: 0.2

IVD: b3a31758-1f96-11e6-abef-000c29c66e3d
value: CRITICAL

Trust: 0.2

IVD: d282dd20-1f96-11e6-abef-000c29c66e3d
value: CRITICAL

Trust: 0.2

VULHUB: VHN-48285
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2011-0340
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2011-0340
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.4

IVD: 03126d9a-2355-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: 0a3c1e31-e21b-43a6-bc03-7b31c6d49349
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: b3a31758-1f96-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: d282dd20-1f96-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-48285
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 03126d9a-2355-11e6-abef-000c29c66e3d // IVD: 0a3c1e31-e21b-43a6-bc03-7b31c6d49349 // IVD: b3a31758-1f96-11e6-abef-000c29c66e3d // IVD: d282dd20-1f96-11e6-abef-000c29c66e3d // ZDI: ZDI-12-155 // ZDI: ZDI-12-168 // VULHUB: VHN-48285 // JVNDB: JVNDB-2011-004090 // CNNVD: CNNVD-201104-318 // NVD: CVE-2011-0340

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-48285 // JVNDB: JVNDB-2011-004090 // NVD: CVE-2011-0340

THREAT TYPE

remote

Trust: 0.8

sources: PACKETSTORM: 115995 // PACKETSTORM: 115807 // CNNVD: CNNVD-201104-318

TYPE

Buffer overflow

Trust: 1.4

sources: IVD: 03126d9a-2355-11e6-abef-000c29c66e3d // IVD: 0a3c1e31-e21b-43a6-bc03-7b31c6d49349 // IVD: b3a31758-1f96-11e6-abef-000c29c66e3d // IVD: d282dd20-1f96-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201104-318

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-004090

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-48285

PATCH

title:Indusoft has issued an update to correct this vulnerability.url:http://www.indusoft.com/hotfixes/hotfixes.php

Trust: 1.4

title:Top Pageurl:http://www.advantech.com/products/

Trust: 0.8

title:Advantech Studio ISSymbol ActiveX Buffer Overflowurl:http://www.advantechdirect.com/eMarketingPrograms/AStudio_Patch/AStudio7.0_Patch_Final.htm

Trust: 0.8

title:Security Updates and Hotfixesurl:http://www.indusoft.com/Login?returnurl=%2fProducts-Downloads%2fSecurity-Hotfix-Updates

Trust: 0.8

title:Advantech Studio ISSymbol ActiveX control has a patch for border vulnerabilities when creating log filesurl:https://www.cnvd.org.cn/patchInfo/show/3696

Trust: 0.6

title:Advantech Studio ISSymbol ActiveX control handles patches for boundary violations in some windows processesurl:https://www.cnvd.org.cn/patchInfo/show/3695

Trust: 0.6

title:Advantech Studio ISSymbol ActiveX Control Processingurl:https://www.cnvd.org.cn/patchInfo/show/3693

Trust: 0.6

title:Advantech Studio ISSymbol ActiveX control handles the \"InternationalSeparator\" attribute with a border vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/3694

Trust: 0.6

sources: ZDI: ZDI-12-155 // ZDI: ZDI-12-168 // CNVD: CNVD-2011-1637 // CNVD: CNVD-2011-1636 // CNVD: CNVD-2011-1634 // CNVD: CNVD-2011-1635 // JVNDB: JVNDB-2011-004090

EXTERNAL IDS

db:NVDid:CVE-2011-0340

Trust: 7.6

db:ICS CERTid:ICSA-12-137-02

Trust: 2.2

db:ICS CERTid:ICSA-12-249-03

Trust: 1.9

db:SECUNIAid:43116

Trust: 1.7

db:CNNVDid:CNNVD-201104-318

Trust: 1.5

db:BIDid:47596

Trust: 1.4

db:SECUNIAid:42928

Trust: 1.1

db:VUPENid:ADV-2011-1115

Trust: 1.1

db:VUPENid:ADV-2011-1116

Trust: 1.1

db:CNVDid:CNVD-2011-1635

Trust: 0.8

db:CNVDid:CNVD-2011-1637

Trust: 0.8

db:CNVDid:CNVD-2011-1634

Trust: 0.8

db:CNVDid:CNVD-2011-1636

Trust: 0.8

db:ZDIid:ZDI-12-155

Trust: 0.8

db:ZDIid:ZDI-12-168

Trust: 0.8

db:ICS CERTid:ICSA-11-168-01A

Trust: 0.8

db:ICS CERT ALERTid:ICS-ALERT-11-131-01

Trust: 0.8

db:JVNDBid:JVNDB-2011-004090

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-1341

Trust: 0.7

db:ZDI_CANid:ZDI-CAN-1342

Trust: 0.7

db:NSFOCUSid:17594

Trust: 0.6

db:ICS CERT ALERTid:ICS-ALERT-11-230-01

Trust: 0.3

db:IVDid:03126D9A-2355-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:0A3C1E31-E21B-43A6-BC03-7B31C6D49349

Trust: 0.2

db:IVDid:B3A31758-1F96-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:IVDid:D282DD20-1F96-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:PACKETSTORMid:115995

Trust: 0.2

db:PACKETSTORMid:115807

Trust: 0.2

db:PACKETSTORMid:118932

Trust: 0.1

db:SEEBUGid:SSVID-77261

Trust: 0.1

db:EXPLOIT-DBid:23500

Trust: 0.1

db:VULHUBid:VHN-48285

Trust: 0.1

sources: IVD: 03126d9a-2355-11e6-abef-000c29c66e3d // IVD: 0a3c1e31-e21b-43a6-bc03-7b31c6d49349 // IVD: b3a31758-1f96-11e6-abef-000c29c66e3d // IVD: d282dd20-1f96-11e6-abef-000c29c66e3d // ZDI: ZDI-12-155 // ZDI: ZDI-12-168 // CNVD: CNVD-2011-1637 // CNVD: CNVD-2011-1636 // CNVD: CNVD-2011-1634 // CNVD: CNVD-2011-1635 // VULHUB: VHN-48285 // BID: 47596 // JVNDB: JVNDB-2011-004090 // PACKETSTORM: 115995 // PACKETSTORM: 115807 // CNNVD: CNNVD-201104-318 // NVD: CVE-2011-0340

REFERENCES

url:http://www.indusoft.com/hotfixes/hotfixes.php

Trust: 3.6

url:http://secunia.com/secunia_research/2011-37/http

Trust: 2.4

url:http://www.us-cert.gov/control_systems/pdf/icsa-12-137-02.pdf

Trust: 2.2

url:http://ics-cert.us-cert.gov/advisories/icsa-12-249-03

Trust: 1.9

url:http://secunia.com/secunia_research/2011-36/

Trust: 1.7

url:http://secunia.com/advisories/43116

Trust: 1.7

url:http://secunia.com/secunia_research/2011-37/

Trust: 1.4

url:http://www.securityfocus.com/bid/47596

Trust: 1.1

url:http://www.advantechdirect.com/emarketingprograms/astudio_patch/astudio7.0_patch_final.htm

Trust: 1.1

url:http://secunia.com/advisories/42928

Trust: 1.1

url:http://www.vupen.com/english/advisories/2011/1115

Trust: 1.1

url:http://www.vupen.com/english/advisories/2011/1116

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0340

Trust: 0.8

url:http://www.us-cert.gov/control_systems/pdf/icsa-11-168-01a.pdf

Trust: 0.8

url:http://www.us-cert.gov/control_systems/pdf/ics-alert-11-131-01.pdf

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0340

Trust: 0.8

url:http://www.nsfocus.net/vulndb/17594

Trust: 0.6

url:http://www.advantech.com/products/advantech-studio/mod_3d1b45b0-b0af-405c-a9cc-a27b35774634.aspx

Trust: 0.3

url:http://www.indusoft.com/indusoftart.php?catid=1&name=iws/webstudio

Trust: 0.3

url:http://www.us-cert.gov/control_systems/pdf/ics-alert-11-230-01.pdf

Trust: 0.3

url:http://www.zerodayinitiative.com/advisories/disclosure_policy/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-0340

Trust: 0.2

url:http://twitter.com/thezdi

Trust: 0.2

url:http://www.tippingpoint.com

Trust: 0.2

url:http://www.zerodayinitiative.com

Trust: 0.2

url:http://www.zerodayinitiative.com/advisories/zdi-12-168

Trust: 0.1

url:http://www.zerodayinitiative.com/advisories/zdi-12-155

Trust: 0.1

sources: ZDI: ZDI-12-155 // ZDI: ZDI-12-168 // CNVD: CNVD-2011-1637 // CNVD: CNVD-2011-1636 // CNVD: CNVD-2011-1634 // CNVD: CNVD-2011-1635 // VULHUB: VHN-48285 // BID: 47596 // JVNDB: JVNDB-2011-004090 // PACKETSTORM: 115995 // PACKETSTORM: 115807 // CNNVD: CNNVD-201104-318 // NVD: CVE-2011-0340

CREDITS

Alexander Gavrun

Trust: 1.4

sources: ZDI: ZDI-12-155 // ZDI: ZDI-12-168

SOURCES

db:IVDid:03126d9a-2355-11e6-abef-000c29c66e3d
db:IVDid:0a3c1e31-e21b-43a6-bc03-7b31c6d49349
db:IVDid:b3a31758-1f96-11e6-abef-000c29c66e3d
db:IVDid:d282dd20-1f96-11e6-abef-000c29c66e3d
db:ZDIid:ZDI-12-155
db:ZDIid:ZDI-12-168
db:CNVDid:CNVD-2011-1637
db:CNVDid:CNVD-2011-1636
db:CNVDid:CNVD-2011-1634
db:CNVDid:CNVD-2011-1635
db:VULHUBid:VHN-48285
db:BIDid:47596
db:JVNDBid:JVNDB-2011-004090
db:PACKETSTORMid:115995
db:PACKETSTORMid:115807
db:CNNVDid:CNNVD-201104-318
db:NVDid:CVE-2011-0340

LAST UPDATE DATE

2024-11-20T22:41:50.994000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-12-155date:2012-08-22T00:00:00
db:ZDIid:ZDI-12-168date:2012-08-29T00:00:00
db:CNVDid:CNVD-2011-1637date:2011-04-28T00:00:00
db:CNVDid:CNVD-2011-1636date:2011-04-28T00:00:00
db:CNVDid:CNVD-2011-1634date:2011-04-28T00:00:00
db:CNVDid:CNVD-2011-1635date:2011-04-28T00:00:00
db:VULHUBid:VHN-48285date:2013-05-21T00:00:00
db:BIDid:47596date:2013-04-02T15:57:00
db:JVNDBid:JVNDB-2011-004090date:2016-04-06T00:00:00
db:CNNVDid:CNNVD-201104-318date:2011-05-06T00:00:00
db:NVDid:CVE-2011-0340date:2013-05-21T03:04:44.983

SOURCES RELEASE DATE

db:IVDid:03126d9a-2355-11e6-abef-000c29c66e3ddate:2011-04-28T00:00:00
db:IVDid:0a3c1e31-e21b-43a6-bc03-7b31c6d49349date:2011-04-28T00:00:00
db:IVDid:b3a31758-1f96-11e6-abef-000c29c66e3ddate:2011-04-28T00:00:00
db:IVDid:d282dd20-1f96-11e6-abef-000c29c66e3ddate:2011-04-28T00:00:00
db:ZDIid:ZDI-12-155date:2012-08-22T00:00:00
db:ZDIid:ZDI-12-168date:2012-08-29T00:00:00
db:CNVDid:CNVD-2011-1637date:2011-04-28T00:00:00
db:CNVDid:CNVD-2011-1636date:2011-04-28T00:00:00
db:CNVDid:CNVD-2011-1634date:2011-04-28T00:00:00
db:CNVDid:CNVD-2011-1635date:2011-04-28T00:00:00
db:VULHUBid:VHN-48285date:2011-05-04T00:00:00
db:BIDid:47596date:2011-04-27T00:00:00
db:JVNDBid:JVNDB-2011-004090date:2012-03-27T00:00:00
db:PACKETSTORMid:115995date:2012-08-29T14:17:01
db:PACKETSTORMid:115807date:2012-08-23T02:40:38
db:CNNVDid:CNNVD-201104-318date:2011-04-28T00:00:00
db:NVDid:CVE-2011-0340date:2011-05-04T22:55:01.467