Sign-up

ID

VAR-201105-0286


CVE

CVE-2011-2214


TITLE

7T Interactive Graphical SCADA System system ODBC Message Remote Memory Corruption Vulnerability

Trust: 0.8

sources: IVD: 8bd5a710-1f94-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-1968

DESCRIPTION

Unspecified vulnerability in the Open Database Connectivity (ODBC) component in 7T Interactive Graphical SCADA System (IGSS) before 9.0.0.11143 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 20222, which triggers memory corruption related to an "invalid structure being used.". The 7T Interactive Graphical SCADA System is an automated monitoring and control system. Using an illegal structure can result in an exploitable condition that can successfully execute arbitrary code in the application context. Successfully exploiting this issue will completely compromise an affected computer. Failed exploit attempts will result in a denial-of-service condition. Versions prior to Interactive Graphical SCADA System 9.0.0.11143 are vulnerable

Trust: 2.61

sources: NVD: CVE-2011-2214 // JVNDB: JVNDB-2011-004675 // CNVD: CNVD-2011-1968 // BID: 47960 // IVD: 8bd5a710-1f94-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 8bd5a710-1f94-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-1968

AFFECTED PRODUCTS

vendor:7tmodel:igssscope:eqversion:8

Trust: 1.6

vendor:7tmodel:igssscope:eqversion:9

Trust: 1.6

vendor:7tmodel:igssscope:lteversion:9.0.0.11129

Trust: 1.0

vendor:7model:interactive graphical scada systemscope:eqversion:8

Trust: 0.9

vendor:7model:interactive graphical scada systemscope:eqversion:9

Trust: 0.9

vendor:7model:interactive graphical scada systemscope:eqversion:9.0.0.11129

Trust: 0.9

vendor:7model:interactive graphical scada systemscope:ltversion:9.0.0.11143

Trust: 0.8

vendor:7tmodel:igssscope:eqversion:9.0.0.11129

Trust: 0.6

vendor:7model:interactive graphical scada systemscope:eqversion:0

Trust: 0.3

vendor:7model:interactive graphical scada systemscope:neversion:9.0.0.11143

Trust: 0.3

vendor:igssmodel: - scope:eqversion:8

Trust: 0.2

vendor:igssmodel: - scope:eqversion:9

Trust: 0.2

vendor:igssmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: 8bd5a710-1f94-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-1968 // BID: 47960 // JVNDB: JVNDB-2011-004675 // CNNVD: CNNVD-201105-300 // NVD: CVE-2011-2214

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-2214
value: HIGH

Trust: 1.0

NVD: CVE-2011-2214
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201105-300
value: CRITICAL

Trust: 0.6

IVD: 8bd5a710-1f94-11e6-abef-000c29c66e3d
value: CRITICAL

Trust: 0.2

nvd@nist.gov: CVE-2011-2214
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

IVD: 8bd5a710-1f94-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: 8bd5a710-1f94-11e6-abef-000c29c66e3d // JVNDB: JVNDB-2011-004675 // CNNVD: CNNVD-201105-300 // NVD: CVE-2011-2214

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2011-2214

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201105-300

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201105-300

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2011-004675

PATCH
title:Top Pageurl:http://www.igss.com/index.htm
Trust: 0.8
title:7T Interactive Graphical SCADA System System ODBC Message Remote Memory Corruption Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/3936
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2011-1968 // 
            
            
            
            JVNDB: JVNDB-2011-004675

EXTERNAL IDS
db:NVDid:CVE-2011-2214
Trust: 2.9
db:BIDid:47960
Trust: 2.5
db:SREASONid:8265
Trust: 1.0
db:CNVDid:CNVD-2011-1968
Trust: 0.8
db:CNNVDid:CNNVD-201105-300
Trust: 0.8
db:JVNDBid:JVNDB-2011-004675
Trust: 0.8
db:BUGTRAQid:20110524 VUPEN SECURITY RESEARCH - 7T INTERACTIVE GRAPHICAL SCADA SYSTEM (IGSS) REMOTE MEMORY CORRUPTION
Trust: 0.6
db:IVDid:8BD5A710-1F94-11E6-ABEF-000C29C66E3D
Trust: 0.2
sources:
            
            
            IVD: 8bd5a710-1f94-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2011-1968 // 
            
            
            
            BID: 47960 // 
            
            
            
            JVNDB: JVNDB-2011-004675 // 
            
            
            
            CNNVD: CNNVD-201105-300 // 
            
            
            
            NVD: CVE-2011-2214

REFERENCES
url:http://www.securityfocus.com/bid/47960
Trust: 1.6
url:http://securityreason.com/securityalert/8265
Trust: 1.0
url:http://www.securityfocus.com/archive/1/518110/100/0/threaded
Trust: 1.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2214
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2214
Trust: 0.8
url:http://www.securityfocus.com/archive/1/518110
Trust: 0.6
url:http://www.securityfocus.com/archive/1/archive/1/518110/100/0/threaded
Trust: 0.6
url:http://www.igss.com/
Trust: 0.3
url:/archive/1/518110
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2011-1968 // 
            
            
            
            BID: 47960 // 
            
            
            
            JVNDB: JVNDB-2011-004675 // 
            
            
            
            CNNVD: CNNVD-201105-300 // 
            
            
            
            NVD: CVE-2011-2214

CREDITS
Sebastien Renaud of VUPEN Security
Trust: 0.3
sources:
            
            
            BID: 47960

SOURCES
db:IVDid:8bd5a710-1f94-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2011-1968
db:BIDid:47960
db:JVNDBid:JVNDB-2011-004675
db:CNNVDid:CNNVD-201105-300
db:NVDid:CVE-2011-2214

LAST UPDATE DATE
2025-04-11T23:08:58.020000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2011-1968date:2011-05-25T00:00:00
db:BIDid:47960date:2015-04-13T21:01:00
db:JVNDBid:JVNDB-2011-004675date:2012-03-27T00:00:00
db:CNNVDid:CNNVD-201105-300date:2011-06-01T00:00:00
db:NVDid:CVE-2011-2214date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:IVDid:8bd5a710-1f94-11e6-abef-000c29c66e3ddate:2011-05-25T00:00:00
db:CNVDid:CNVD-2011-1968date:2011-05-25T00:00:00
db:BIDid:47960date:2011-05-24T00:00:00
db:JVNDBid:JVNDB-2011-004675date:2012-03-27T00:00:00
db:CNNVDid:CNNVD-201105-300date:2011-05-31T00:00:00
db:NVDid:CVE-2011-2214date:2011-05-31T20:55:05.297