ID

VAR-201305-0005


CVE

CVE-2011-4520


TITLE

MICROSYS PROMOTIC ActiveX Component Heap Buffer Overflow Vulnerability

Trust: 1.0

sources: IVD: 7d78e62e-463f-11e9-baca-000c29342cb1 // IVD: ef2d245c-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8765

DESCRIPTION

Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page. MICROSYS PROMOTIC is a SCADA software. PROMOTIC is prone to multiple security vulnerabilities. Exploiting these issues may allow remote attackers to execute arbitrary code within the context of the affected application or disclose sensitive information. PROMOTIC 8.1.3 is vulnerable; other versions may also be affected

Trust: 2.88

sources: NVD: CVE-2011-4520 // JVNDB: JVNDB-2011-005232 // CNVD: CNVD-2012-8765 // BID: 50133 // IVD: 7d78e62e-463f-11e9-baca-000c29342cb1 // IVD: ef2d245c-2352-11e6-abef-000c29c66e3d // VULMON: CVE-2011-4520

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.0

sources: IVD: 7d78e62e-463f-11e9-baca-000c29342cb1 // IVD: ef2d245c-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8765

AFFECTED PRODUCTS

vendor:microsysmodel:promoticscope:eqversion:8.0.13

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.2

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.1

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.11

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.10

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.5

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.0

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.3

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.12

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.4

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.8

Trust: 1.0

vendor:microsysmodel:promoticscope:eqversion:8.1.1

Trust: 1.0

vendor:microsysmodel:promoticscope:eqversion:8.1.0

Trust: 1.0

vendor:microsysmodel:promoticscope:lteversion:8.1.4

Trust: 1.0

vendor:microsysmodel:promoticscope:eqversion:8.0.6

Trust: 1.0

vendor:microsysmodel:promoticscope:eqversion:8.1.2

Trust: 1.0

vendor:microsysmodel:promoticscope:eqversion:8.0.7

Trust: 1.0

vendor:microsysmodel:promoticscope:eqversion:8.1.3

Trust: 1.0

vendor:microsysmodel:promoticscope:eqversion:8.0.9

Trust: 1.0

vendor:microsysmodel:promoticscope:ltversion:8.1.5

Trust: 0.8

vendor:promoticmodel:promoticscope:eqversion:8.x

Trust: 0.6

vendor:promoticmodel: - scope:eqversion:8.0.0

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.1

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.2

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.3

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.4

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.5

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.6

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.7

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.8

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.9

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.10

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.11

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.12

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.13

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.1.0

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.1.1

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.1.2

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.1.3

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:*

Trust: 0.4

vendor:promoticmodel:promoticscope:eqversion:8.1.3

Trust: 0.3

sources: IVD: 7d78e62e-463f-11e9-baca-000c29342cb1 // IVD: ef2d245c-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8765 // BID: 50133 // JVNDB: JVNDB-2011-005232 // CNNVD: CNNVD-201205-484 // NVD: CVE-2011-4520

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-4520
value: MEDIUM

Trust: 1.0

NVD: CVE-2011-4520
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2012-8765
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201205-484
value: MEDIUM

Trust: 0.6

IVD: 7d78e62e-463f-11e9-baca-000c29342cb1
value: MEDIUM

Trust: 0.2

IVD: ef2d245c-2352-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULMON: CVE-2011-4520
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2011-4520
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2012-8765
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 7d78e62e-463f-11e9-baca-000c29342cb1
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: ef2d245c-2352-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: 7d78e62e-463f-11e9-baca-000c29342cb1 // IVD: ef2d245c-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8765 // VULMON: CVE-2011-4520 // JVNDB: JVNDB-2011-005232 // CNNVD: CNNVD-201205-484 // NVD: CVE-2011-4520

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2011-005232 // NVD: CVE-2011-4520

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201205-484

TYPE

Buffer overflow

Trust: 1.0

sources: IVD: 7d78e62e-463f-11e9-baca-000c29342cb1 // IVD: ef2d245c-2352-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201205-484

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-005232

EXPLOIT AVAILABILITY

sources: VULMON: CVE-2011-4520

PATCH

title:Version 8.1.5 (from 28.11.2011) - stable versionurl:http://www.promotic.eu/en/pmdoc/News.htm#ver80105

Trust: 0.8

title:MICROSYS PROMOTIC ActiveX Component Heap Buffer Overflow Vulnerability Patchurl:https://www.cnvd.org.cn/patchInfo/show/34304

Trust: 0.6

sources: CNVD: CNVD-2012-8765 // JVNDB: JVNDB-2011-005232

EXTERNAL IDS

db:NVDid:CVE-2011-4520

Trust: 3.5

db:ICS CERTid:ICSA-12-024-02

Trust: 3.4

db:BIDid:50133

Trust: 1.5

db:CNVDid:CNVD-2012-8765

Trust: 1.0

db:CNNVDid:CNNVD-201205-484

Trust: 1.0

db:JVNDBid:JVNDB-2011-005232

Trust: 0.8

db:IVDid:7D78E62E-463F-11E9-BACA-000C29342CB1

Trust: 0.2

db:IVDid:EF2D245C-2352-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:EXPLOIT-DBid:18049

Trust: 0.1

db:VULMONid:CVE-2011-4520

Trust: 0.1

sources: IVD: 7d78e62e-463f-11e9-baca-000c29342cb1 // IVD: ef2d245c-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8765 // VULMON: CVE-2011-4520 // BID: 50133 // JVNDB: JVNDB-2011-005232 // CNNVD: CNNVD-201205-484 // NVD: CVE-2011-4520

REFERENCES

url:http://ics-cert.us-cert.gov/advisories/icsa-12-024-02

Trust: 3.2

url:http://www.promotic.eu/en/pmdoc/news.htm#ver80105

Trust: 2.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4520

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4520

Trust: 0.8

url:http://www.securityfocus.com/bid/50133

Trust: 0.6

url:http://www.promotic.eu/en/promotic/scada-pm.htm

Trust: 0.3

url:http://aluigi.altervista.org/adv/promotic_1-adv.txt

Trust: 0.3

url:http://www.us-cert.gov/control_systems/pdf/icsa-12-024-02.pdf

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.exploit-db.com/exploits/18049/

Trust: 0.1

sources: CNVD: CNVD-2012-8765 // VULMON: CVE-2011-4520 // BID: 50133 // JVNDB: JVNDB-2011-005232 // CNNVD: CNNVD-201205-484 // NVD: CVE-2011-4520

CREDITS

Luigi Auriemma

Trust: 0.9

sources: BID: 50133 // CNNVD: CNNVD-201205-484

SOURCES

db:IVDid:7d78e62e-463f-11e9-baca-000c29342cb1
db:IVDid:ef2d245c-2352-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2012-8765
db:VULMONid:CVE-2011-4520
db:BIDid:50133
db:JVNDBid:JVNDB-2011-005232
db:CNNVDid:CNNVD-201205-484
db:NVDid:CVE-2011-4520

LAST UPDATE DATE

2024-08-14T14:21:21.559000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2012-8765date:2012-05-28T00:00:00
db:VULMONid:CVE-2011-4520date:2013-05-24T00:00:00
db:BIDid:50133date:2011-10-14T00:00:00
db:JVNDBid:JVNDB-2011-005232date:2013-05-27T00:00:00
db:CNNVDid:CNNVD-201205-484date:2013-05-24T00:00:00
db:NVDid:CVE-2011-4520date:2013-05-24T04:00:00

SOURCES RELEASE DATE

db:IVDid:7d78e62e-463f-11e9-baca-000c29342cb1date:2012-05-28T00:00:00
db:IVDid:ef2d245c-2352-11e6-abef-000c29c66e3ddate:2012-05-28T00:00:00
db:CNVDid:CNVD-2012-8765date:2012-05-28T00:00:00
db:VULMONid:CVE-2011-4520date:2013-05-23T00:00:00
db:BIDid:50133date:2011-10-14T00:00:00
db:JVNDBid:JVNDB-2011-005232date:2013-05-27T00:00:00
db:CNNVDid:CNNVD-201205-484date:1900-01-01T00:00:00
db:NVDid:CVE-2011-4520date:2013-05-23T17:55:02.850