Details of VAR-201202-0162

ID

VAR-201202-0162

CVE

CVE-2011-4875

TITLE

Siemens SIMATIC WinCC Flexible Runtime 'HmiLoad.exe' Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: 61050c40-1f7d-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-5103

DESCRIPTION

Stack-based buffer overflow in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to execute arbitrary code via vectors related to Unicode strings. Miniweb has a security vulnerability that allows an attacker to submit a specially crafted HTTP POST request to allow the server to access any illegal memory area while checking the extension of the requested file. Siemens SIMATIC WinCC is a multi-user system that provides complete monitoring and data acquisition (SCADA) functionality for the industrial sector, from single-user systems to redundant server and remote web client solutions. HmiLoad has multiple security vulnerabilities that allow an attacker to stop a service or crash a service in multiple ways. Siemens SIMATIC is an automation software in a single engineering environment. A security vulnerability exists in the Siemens SIMATIC WinCC HMI web server. When the transfer mode is enabled, the runtime loader listens on the 2308/TCP or 50523/TCP port. Without the correct data segment length and Unicode string, a stack overflow can be triggered, causing arbitrary code execution. A directory traversal vulnerability exists in the HmiLoad server that allows reading, writing, and deleting arbitrary files outside of the specified directory. Attackers can exploit these issues to execute arbitrary code in the context of the affected application, read/write or delete arbitrary files outside of the server root directory, or cause denial-of-service conditions; other attacks may also be possible

Trust: 6.3

sources: NVD: CVE-2011-4875 // JVNDB: JVNDB-2012-001317 // CNVD: CNVD-2011-5108 // CNVD: CNVD-2011-5110 // CNVD: CNVD-2011-5103 // CNVD: CNVD-2011-5107 // CNVD: CNVD-2012-0465 // CNVD: CNVD-2011-5105 // BID: 50828 // IVD: 61050c40-1f7d-11e6-abef-000c29c66e3d // IVD: 5e37bfa8-1f7d-11e6-abef-000c29c66e3d // IVD: 9fe8f34a-1f7d-11e6-abef-000c29c66e3d // IVD: 28c3f672-2354-11e6-abef-000c29c66e3d // IVD: 9c31ed38-1f7d-11e6-abef-000c29c66e3d // IVD: 9ef7b7be-1f7d-11e6-abef-000c29c66e3d // VULHUB: VHN-52820

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 4.8

sources: IVD: 61050c40-1f7d-11e6-abef-000c29c66e3d // IVD: 5e37bfa8-1f7d-11e6-abef-000c29c66e3d // IVD: 9fe8f34a-1f7d-11e6-abef-000c29c66e3d // IVD: 28c3f672-2354-11e6-abef-000c29c66e3d // IVD: 9c31ed38-1f7d-11e6-abef-000c29c66e3d // IVD: 9ef7b7be-1f7d-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-5108 // CNVD: CNVD-2011-5110 // CNVD: CNVD-2011-5103 // CNVD: CNVD-2011-5107 // CNVD: CNVD-2012-0465 // CNVD: CNVD-2011-5105

AFFECTED PRODUCTS

vendor:	siemens	model:	simatic wincc flexible runtime	scope:	-	version:	-	Trust: 3.6
vendor:	siemens	model:	simatic wincc flexible sp2	scope:	eq	version:	2008	Trust: 3.3
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	mp	Trust: 2.4
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	op	Trust: 2.4
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	tp	Trust: 2.4
vendor:	siemens	model:	simatic wincc flexible	scope:	eq	version:	2008	Trust: 1.7
vendor:	siemens	model:	simatic wincc flexible	scope:	eq	version:	2007	Trust: 1.7
vendor:	siemens	model:	simatic wincc flexible	scope:	eq	version:	2005	Trust: 1.7
vendor:	siemens	model:	simatic wincc flexible	scope:	eq	version:	2004	Trust: 1.7
vendor:	siemens	model:	wincc flexible	scope:	eq	version:	2008	Trust: 1.6
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	comfort_panels	Trust: 1.6
vendor:	siemens	model:	wincc runtime advanced	scope:	eq	version:	v11	Trust: 1.6
vendor:	siemens	model:	wincc	scope:	eq	version:	v11	Trust: 1.6
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	mobile_panels	Trust: 1.6
vendor:	siemens	model:	wincc flexible	scope:	eq	version:	2007	Trust: 1.6
vendor:	siemens	model:	simatic wincc	scope:	eq	version:	v11	Trust: 1.4
vendor:	siemens	model:	simatic wincc flexible runtime	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	simatic wincc flexible sp2	scope:	eq	version:	2008*	Trust: 1.0
vendor:	siemens	model:	wincc flexible	scope:	eq	version:	2005	Trust: 1.0
vendor:	siemens	model:	wincc flexible runtime	scope:	eq	version:	*	Trust: 1.0
vendor:	siemens	model:	wincc flexible	scope:	eq	version:	2004	Trust: 1.0
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	comfort panels	Trust: 0.8
vendor:	siemens	model:	simatic hmi panels	scope:	eq	version:	mobile panels	Trust: 0.8
vendor:	siemens	model:	simatic wincc flexible rumtime	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	simatic wincc runtime advanced	scope:	eq	version:	v11	Trust: 0.8
vendor:	siemens	model:	simatic wincc runtime advanced	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic hmi panels	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic wincc	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	wincc flexible runtime	scope:	-	version:	-	Trust: 0.6
vendor:	siemens	model:	simatic wincc flexible runtime	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	simatic wincc flexible sp1	scope:	eq	version:	2008	Trust: 0.3
vendor:	siemens	model:	simatic wincc flexible sp1	scope:	eq	version:	2005	Trust: 0.3
vendor:	wincc flexible	model:	-	scope:	eq	version:	2004	Trust: 0.2
vendor:	wincc flexible	model:	-	scope:	eq	version:	2005	Trust: 0.2
vendor:	wincc flexible	model:	-	scope:	eq	version:	2007	Trust: 0.2
vendor:	wincc flexible	model:	-	scope:	eq	version:	2008	Trust: 0.2
vendor:	wincc	model:	-	scope:	eq	version:	v11	Trust: 0.2
vendor:	simatic hmi panels	model:	comfort panels	scope:	-	version:	-	Trust: 0.2
vendor:	simatic hmi panels	model:	mobile panels	scope:	-	version:	-	Trust: 0.2
vendor:	simatic hmi panels	model:	mp	scope:	-	version:	-	Trust: 0.2
vendor:	simatic hmi panels	model:	op	scope:	-	version:	-	Trust: 0.2
vendor:	simatic hmi panels	model:	tp	scope:	-	version:	-	Trust: 0.2
vendor:	wincc runtime advanced	model:	-	scope:	eq	version:	v11	Trust: 0.2
vendor:	wincc flexible runtime	model:	-	scope:	eq	version:	*	Trust: 0.2

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-4875
value:	HIGH
Trust: 1.0
NVD:	CVE-2011-4875
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201202-090
value:	CRITICAL
Trust: 0.6
IVD:	61050c40-1f7d-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2
IVD:	5e37bfa8-1f7d-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2
IVD:	9fe8f34a-1f7d-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2
IVD:	28c3f672-2354-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2
IVD:	9c31ed38-1f7d-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2
IVD:	9ef7b7be-1f7d-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2
VULHUB:	VHN-52820
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2011-4875
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
IVD:	61050c40-1f7d-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	5e37bfa8-1f7d-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	9fe8f34a-1f7d-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	28c3f672-2354-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	9c31ed38-1f7d-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	9ef7b7be-1f7d-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-52820
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-52820 // JVNDB: JVNDB-2012-001317 // NVD: CVE-2011-4875

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201111-480 // CNNVD: CNNVD-201202-090

TYPE

Buffer overflow

Trust: 1.8

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-001317

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-52820

PATCH

title:	SSA-345442	url:	http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf	Trust: 0.8
title:	ソリューションパートナー	url:	http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx	Trust: 0.8
title:	Top Page	url:	http://www.siemens.com/entry/jp/ja/	Trust: 0.8
title:	Patch for Siemens SIMATIC WinCC Flexible Runtime 'HmiLoad.exe' file download vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/72694	Trust: 0.6
title:	Siemens SIMATIC WinCC Flexible Runtime 'HmiLoad.exe' memory access vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/72697	Trust: 0.6
title:	Siemens SIMATIC WinCC Flexible Runtime 'HmiLoad.exe' Buffer Overflow Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/72705	Trust: 0.6
title:	Siemens SIMATIC WinCC Flexible Runtime 'HmiLoad.exe' service crash vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/72689	Trust: 0.6
title:	Patch for Siemens SIMATIC WinCC HMI String Stack Overflow Vulnerability (CNVD-2012-0465)	url:	https://www.cnvd.org.cn/patchInfo/show/9071	Trust: 0.6

sources: CNVD: CNVD-2011-5108 // CNVD: CNVD-2011-5110 // CNVD: CNVD-2011-5103 // CNVD: CNVD-2011-5107 // CNVD: CNVD-2012-0465 // JVNDB: JVNDB-2012-001317

EXTERNAL IDS

db:	NVD	id:	CVE-2011-4875	Trust: 4.6
db:	BID	id:	50828	Trust: 3.9
db:	ICS CERT	id:	ICSA-12-030-01	Trust: 3.4
db:	CNNVD	id:	CNNVD-201202-090	Trust: 1.9
db:	SIEMENS	id:	SSA-345442	Trust: 1.7
db:	ICS CERT ALERT	id:	ICS-ALERT-11-332-02A	Trust: 1.1
db:	ICS CERT ALERT	id:	ICS-ALERT-11-332-02	Trust: 1.1
db:	EXPLOIT-DB	id:	18166	Trust: 1.1
db:	OSVDB	id:	77380	Trust: 1.1
db:	CNVD	id:	CNVD-2011-5103	Trust: 0.8
db:	CNVD	id:	CNVD-2011-5105	Trust: 0.8
db:	CNVD	id:	CNVD-2011-5107	Trust: 0.8
db:	CNVD	id:	CNVD-2012-0465	Trust: 0.8
db:	CNVD	id:	CNVD-2011-5110	Trust: 0.8
db:	CNVD	id:	CNVD-2011-5108	Trust: 0.8
db:	JVNDB	id:	JVNDB-2012-001317	Trust: 0.8
db:	CNNVD	id:	CNNVD-201111-480	Trust: 0.6
db:	ICS CERT	id:	ICSA-12-030-01A	Trust: 0.3
db:	IVD	id:	61050C40-1F7D-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	IVD	id:	5E37BFA8-1F7D-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	IVD	id:	9FE8F34A-1F7D-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	IVD	id:	28C3F672-2354-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	IVD	id:	9C31ED38-1F7D-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	IVD	id:	9EF7B7BE-1F7D-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	SEEBUG	id:	SSVID-72366	Trust: 0.1
db:	VULHUB	id:	VHN-52820	Trust: 0.1

REFERENCES

url:	http://aluigi.altervista.org/adv/winccflex_1-adv.txt	Trust: 3.9
url:	http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01.pdf	Trust: 3.4
url:	http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-345442.pdf	Trust: 1.7
url:	http://www.exploit-db.com/exploits/18166	Trust: 1.1
url:	http://aluigi.org/adv/winccflex_1-adv.txt	Trust: 1.1
url:	http://www.us-cert.gov/control_systems/pdf/ics-alert-11-332-02.pdf	Trust: 1.1
url:	http://www.us-cert.gov/control_systems/pdf/ics-alert-11-332-02a.pdf	Trust: 1.1
url:	http://www.osvdb.org/77380	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/71449	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4875	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4875	Trust: 0.8
url:	http://www.securityfocus.com/bid/50828	Trust: 0.6
url:	http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc-flexible-runtime/pages/default.aspx	Trust: 0.3
url:	http://www.us-cert.gov/control_systems/pdf/icsa-12-030-01a.pdf	Trust: 0.3

sources: CNVD: CNVD-2011-5108 // CNVD: CNVD-2011-5110 // CNVD: CNVD-2011-5103 // CNVD: CNVD-2011-5107 // CNVD: CNVD-2012-0465 // CNVD: CNVD-2011-5105 // VULHUB: VHN-52820 // BID: 50828 // JVNDB: JVNDB-2012-001317 // CNNVD: CNNVD-201111-480 // CNNVD: CNNVD-201202-090 // NVD: CVE-2011-4875

CREDITS

Luigi Auriemma

Trust: 0.9

sources: BID: 50828 // CNNVD: CNNVD-201111-480

SOURCES

db:	IVD	id:	61050c40-1f7d-11e6-abef-000c29c66e3d
db:	IVD	id:	5e37bfa8-1f7d-11e6-abef-000c29c66e3d
db:	IVD	id:	9fe8f34a-1f7d-11e6-abef-000c29c66e3d
db:	IVD	id:	28c3f672-2354-11e6-abef-000c29c66e3d
db:	IVD	id:	9c31ed38-1f7d-11e6-abef-000c29c66e3d
db:	IVD	id:	9ef7b7be-1f7d-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2011-5108
db:	CNVD	id:	CNVD-2011-5110
db:	CNVD	id:	CNVD-2011-5103
db:	CNVD	id:	CNVD-2011-5107
db:	CNVD	id:	CNVD-2012-0465
db:	CNVD	id:	CNVD-2011-5105
db:	VULHUB	id:	VHN-52820
db:	BID	id:	50828
db:	JVNDB	id:	JVNDB-2012-001317
db:	CNNVD	id:	CNNVD-201111-480
db:	CNNVD	id:	CNNVD-201202-090
db:	NVD	id:	CVE-2011-4875

LAST UPDATE DATE

2024-08-14T13:36:41.443000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2011-5108	date:	2016-03-15T00:00:00
db:	CNVD	id:	CNVD-2011-5110	date:	2016-03-15T00:00:00
db:	CNVD	id:	CNVD-2011-5103	date:	2016-03-15T00:00:00
db:	CNVD	id:	CNVD-2011-5107	date:	2016-03-15T00:00:00
db:	CNVD	id:	CNVD-2012-0465	date:	2012-02-07T00:00:00
db:	CNVD	id:	CNVD-2011-5105	date:	2011-12-05T00:00:00
db:	VULHUB	id:	VHN-52820	date:	2017-08-29T00:00:00
db:	BID	id:	50828	date:	2012-04-18T21:20:00
db:	JVNDB	id:	JVNDB-2012-001317	date:	2012-02-08T00:00:00
db:	CNNVD	id:	CNNVD-201111-480	date:	2011-11-30T00:00:00
db:	CNNVD	id:	CNNVD-201202-090	date:	2012-02-07T00:00:00
db:	NVD	id:	CVE-2011-4875	date:	2017-08-29T01:30:37.130

SOURCES RELEASE DATE

db:	IVD	id:	61050c40-1f7d-11e6-abef-000c29c66e3d	date:	2011-12-05T00:00:00
db:	IVD	id:	5e37bfa8-1f7d-11e6-abef-000c29c66e3d	date:	2011-12-05T00:00:00
db:	IVD	id:	9fe8f34a-1f7d-11e6-abef-000c29c66e3d	date:	2011-12-05T00:00:00
db:	IVD	id:	28c3f672-2354-11e6-abef-000c29c66e3d	date:	2012-02-07T00:00:00
db:	IVD	id:	9c31ed38-1f7d-11e6-abef-000c29c66e3d	date:	2011-12-05T00:00:00
db:	IVD	id:	9ef7b7be-1f7d-11e6-abef-000c29c66e3d	date:	2011-12-05T00:00:00
db:	CNVD	id:	CNVD-2011-5108	date:	2011-12-05T00:00:00
db:	CNVD	id:	CNVD-2011-5110	date:	2011-12-05T00:00:00
db:	CNVD	id:	CNVD-2011-5103	date:	2011-12-05T00:00:00
db:	CNVD	id:	CNVD-2011-5107	date:	2011-12-05T00:00:00
db:	CNVD	id:	CNVD-2012-0465	date:	2012-02-07T00:00:00
db:	CNVD	id:	CNVD-2011-5105	date:	2011-12-05T00:00:00
db:	VULHUB	id:	VHN-52820	date:	2012-02-03T00:00:00
db:	BID	id:	50828	date:	2011-11-28T00:00:00
db:	JVNDB	id:	JVNDB-2012-001317	date:	2012-02-08T00:00:00
db:	CNNVD	id:	CNNVD-201111-480	date:	1900-01-01T00:00:00
db:	CNNVD	id:	CNNVD-201202-090	date:	2012-02-07T00:00:00
db:	NVD	id:	CVE-2011-4875	date:	2012-02-03T20:55:01.907