ID

VAR-201201-0166


CVE

CVE-2011-4055


TITLE

Siemens Tecnomatix FactoryLink ActiveX Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: 3d96cb2e-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0016

DESCRIPTION

Buffer overflow in the WebClient ActiveX control in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to execute arbitrary code via a long string in a parameter associated with the location URL. Siemens Tecnomatix FactoryLink is industrial automation software used to supervise, manage and control industrial processes. Siemens Tecnomatix FactoryLink ActiveX is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code within the context of the application using the vulnerable control (typically Internet Explorer). The following Siemens Tecnomatix FactoryLink versions are vulnerable: V8.0.2.54, V7.5.217 (V7.5 SP2), and V6.6.1 (V6.6 SP1).

Trust: 2.7

sources: NVD: CVE-2011-4055 // JVNDB: JVNDB-2012-001027 // CNVD: CNVD-2012-0016 // BID: 51266 // IVD: 3d96cb2e-2354-11e6-abef-000c29c66e3d // VULHUB: VHN-52000

IOT TAXONOMY

category: ['ICS'] | sub_category: -

Trust: 0.8

sources: IVD: 3d96cb2e-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0016

AFFECTED PRODUCTS

vendor: siemens | model: tecnomatix factorylink | scope: eq | version: 7.5.217

Trust: 3.3

vendor: siemens | model: tecnomatix factorylink | scope: eq | version: 8.0.2.54

Trust: 3.3

vendor: siemens | model: tecnomatix factorylink | scope: eq | version: 6.6.1

Trust: 3.3

vendor: tecnomatix factorylink | model: - | scope: eq | version: 6.6.1

Trust: 0.2

vendor: tecnomatix factorylink | model: - | scope: eq | version: 7.5.217

Trust: 0.2

vendor: tecnomatix factorylink | model: - | scope: eq | version: 8.0.2.54

Trust: 0.2

sources: IVD: 3d96cb2e-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0016 // BID: 51266 // JVNDB: JVNDB-2012-001027 // CNNVD: CNNVD-201201-046 // NVD: CVE-2011-4055

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-4055
value: HIGH

Trust: 1.0

NVD: CVE-2011-4055
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201201-046
value: CRITICAL

Trust: 0.6

IVD: 3d96cb2e-2354-11e6-abef-000c29c66e3d
value: CRITICAL

Trust: 0.2

VULHUB: VHN-52000
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2011-4055
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

IVD: 3d96cb2e-2354-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-52000
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 3d96cb2e-2354-11e6-abef-000c29c66e3d // VULHUB: VHN-52000 // JVNDB: JVNDB-2012-001027 // CNNVD: CNNVD-201201-046 // NVD: CVE-2011-4055

PROBLEMTYPE DATA

problemtype: CWE-119

Trust: 1.9

sources: VULHUB: VHN-52000 // JVNDB: JVNDB-2012-001027 // NVD: CVE-2011-4055

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201201-046

TYPE

Buffer overflow

Trust: 0.8

sources: IVD: 3d96cb2e-2354-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201201-046

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-001027

PATCH

title: Patch Information | url: http://www.usdata.com/sea/factorylink/en/p_nav5.asp

Trust: 0.8

title: Top Page | url: http://www.siemens.com

Trust: 0.8

title: Siemens Solution Partner | url: http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx

Trust: 0.8

title: Siemens Japan K.K. | url: http://www.siemens.com/entry/jp/ja/

Trust: 0.8

title: Patch for Siemens Tecnomatix FactoryLink ActiveX Buffer Overflow Vulnerability | url: https://www.cnvd.org.cn/patchInfo/show/7092

Trust: 0.6

sources: CNVD: CNVD-2012-0016 // JVNDB: JVNDB-2012-001027

EXTERNAL IDS

db: NVD | id: CVE-2011-4055

Trust: 3.6

db: ICS CERT | id: ICSA-11-343-01

Trust: 3.4

db: BID | id: 51266

Trust: 1.4

db: CNNVD | id: CNNVD-201201-046

Trust: 0.9

db: CNVD | id: CNVD-2012-0016

Trust: 0.8

db: JVNDB | id: JVNDB-2012-001027

Trust: 0.8

db: NSFOCUS | id: 18426

Trust: 0.6

db: IVD | id: 3D96CB2E-2354-11E6-ABEF-000C29C66E3D

Trust: 0.2

db: VULHUB | id: VHN-52000

Trust: 0.1

sources: IVD: 3d96cb2e-2354-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-0016 // VULHUB: VHN-52000 // BID: 51266 // JVNDB: JVNDB-2012-001027 // CNNVD: CNNVD-201201-046 // NVD: CVE-2011-4055

REFERENCES

url: http://www.us-cert.gov/control_systems/pdf/icsa-11-343-01.pdf

Trust: 3.1

url: http://www.usdata.com/sea/factorylink/en/p_nav5.asp

Trust: 1.7

url: http://www.securityfocus.com/bid/51266

Trust: 1.1

url: https://exchange.xforce.ibmcloud.com/vulnerabilities/72117

Trust: 1.1

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4055

Trust: 0.8

url: http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4055

Trust: 0.8

url: http://www.nsfocus.net/vulndb/18426

Trust: 0.6

url: http://www.plm.automation.siemens.com/en_us/products/tecnomatix/production_management/factorylink/index.shtml

Trust: 0.3

url: http://www.us-cert.gov/control_systems/pdf/icsa-11-343-01.pdf

Trust: 0.3

sources: CNVD: CNVD-2012-0016 // VULHUB: VHN-52000 // BID: 51266 // JVNDB: JVNDB-2012-001027 // CNNVD: CNNVD-201201-046 // NVD: CVE-2011-4055

CREDITS

Kuang-Chun Hung

Trust: 0.9

sources: BID: 51266 // CNNVD: CNNVD-201201-046

SOURCES

db: IVD | id: 3d96cb2e-2354-11e6-abef-000c29c66e3d
db: CNVD | id: CNVD-2012-0016
db: VULHUB | id: VHN-52000
db: BID | id: 51266
db: JVNDB | id: JVNDB-2012-001027
db: CNNVD | id: CNNVD-201201-046
db: NVD | id: CVE-2011-4055

LAST UPDATE DATE

2024-08-14T13:36:47.844000+00:00


SOURCES UPDATE DATE

db: CNVD | id: CNVD-2012-0016 | date: 2012-01-06T00:00:00
db: VULHUB | id: VHN-52000 | date: 2017-08-29T00:00:00
db: BID | id: 51266 | date: 2012-01-04T00:00:00
db: JVNDB | id: JVNDB-2012-001027 | date: 2012-01-11T00:00:00
db: CNNVD | id: CNNVD-201201-046 | date: 2012-01-13T00:00:00
db: NVD | id: CVE-2011-4055 | date: 2017-08-29T01:30:26.817

SOURCES RELEASE DATE

db: IVD | id: 3d96cb2e-2354-11e6-abef-000c29c66e3d | date: 2012-01-06T00:00:00
db: CNVD | id: CNVD-2012-0016 | date: 2012-01-06T00:00:00
db: VULHUB | id: VHN-52000 | date: 2012-01-08T00:00:00
db: BID | id: 51266 | date: 2012-01-04T00:00:00
db: JVNDB | id: JVNDB-2012-001027 | date: 2012-01-11T00:00:00
db: CNNVD | id: CNNVD-201201-046 | date: 1900-01-01T00:00:00
db: NVD | id: CVE-2011-4055 | date: 2012-01-08T00:55:01.893