Details of VAR-201305-0007

ID

VAR-201305-0007

CVE

CVE-2011-4519

TITLE

MICROSYS PROMOTIC ActiveX Component Stack Buffer Overflow Vulnerability

Trust: 1.0

sources: IVD: 7d790d41-463f-11e9-9cea-000c29342cb1 // IVD: ef3378f2-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8766

DESCRIPTION

Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page. MICROSYS PROMOTIC is a SCADA software. PROMOTIC is prone to multiple security vulnerabilities. Exploiting these issues may allow remote attackers to execute arbitrary code within the context of the affected application or disclose sensitive information. PROMOTIC 8.1.3 is vulnerable; other versions may also be affected

Trust: 2.79

sources: NVD: CVE-2011-4519 // JVNDB: JVNDB-2011-005231 // CNVD: CNVD-2012-8766 // BID: 50133 // IVD: 7d790d41-463f-11e9-9cea-000c29342cb1 // IVD: ef3378f2-2352-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 1.0

sources: IVD: 7d790d41-463f-11e9-9cea-000c29342cb1 // IVD: ef3378f2-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8766

AFFECTED PRODUCTS

vendor:	microsys	model:	promotic	scope:	eq	version:	8.1.0	Trust: 1.6
vendor:	microsys	model:	promotic	scope:	eq	version:	8.0.1	Trust: 1.6
vendor:	microsys	model:	promotic	scope:	eq	version:	8.0.11	Trust: 1.6
vendor:	microsys	model:	promotic	scope:	eq	version:	8.1.1	Trust: 1.6
vendor:	microsys	model:	promotic	scope:	eq	version:	8.1.3	Trust: 1.6
vendor:	microsys	model:	promotic	scope:	eq	version:	8.0.10	Trust: 1.6
vendor:	microsys	model:	promotic	scope:	eq	version:	8.0.0	Trust: 1.6
vendor:	microsys	model:	promotic	scope:	eq	version:	8.0.12	Trust: 1.6
vendor:	microsys	model:	promotic	scope:	eq	version:	8.1.2	Trust: 1.6
vendor:	microsys	model:	promotic	scope:	eq	version:	8.0.5	Trust: 1.0
vendor:	microsys	model:	promotic	scope:	eq	version:	8.0.8	Trust: 1.0
vendor:	microsys	model:	promotic	scope:	eq	version:	8.0.2	Trust: 1.0
vendor:	microsys	model:	promotic	scope:	lte	version:	8.1.4	Trust: 1.0
vendor:	microsys	model:	promotic	scope:	eq	version:	8.0.6	Trust: 1.0
vendor:	microsys	model:	promotic	scope:	eq	version:	8.0.4	Trust: 1.0
vendor:	microsys	model:	promotic	scope:	eq	version:	8.0.7	Trust: 1.0
vendor:	microsys	model:	promotic	scope:	eq	version:	8.0.9	Trust: 1.0
vendor:	microsys	model:	promotic	scope:	eq	version:	8.0.13	Trust: 1.0
vendor:	microsys	model:	promotic	scope:	eq	version:	8.0.3	Trust: 1.0
vendor:	microsys	model:	promotic	scope:	lt	version:	8.1.5	Trust: 0.8
vendor:	promotic	model:	promotic	scope:	eq	version:	8.x	Trust: 0.6
vendor:	microsys	model:	promotic	scope:	eq	version:	8.1.4	Trust: 0.6
vendor:	promotic	model:	-	scope:	eq	version:	8.0.0	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.0.1	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.0.2	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.0.3	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.0.4	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.0.5	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.0.6	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.0.7	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.0.8	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.0.9	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.0.10	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.0.11	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.0.12	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.0.13	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.1.0	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.1.1	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.1.2	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	8.1.3	Trust: 0.4
vendor:	promotic	model:	-	scope:	eq	version:	*	Trust: 0.4
vendor:	promotic	model:	promotic	scope:	eq	version:	8.1.3	Trust: 0.3

sources: IVD: 7d790d41-463f-11e9-9cea-000c29342cb1 // IVD: ef3378f2-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8766 // BID: 50133 // JVNDB: JVNDB-2011-005231 // CNNVD: CNNVD-201205-483 // NVD: CVE-2011-4519

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-4519
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2011-4519
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2012-8766
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201205-483
value:	MEDIUM
Trust: 0.6
IVD:	7d790d41-463f-11e9-9cea-000c29342cb1
value:	MEDIUM
Trust: 0.2
IVD:	ef3378f2-2352-11e6-abef-000c29c66e3d
value:	MEDIUM
Trust: 0.2

nvd@nist.gov:	CVE-2011-4519
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2012-8766
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	7d790d41-463f-11e9-9cea-000c29342cb1
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	ef3378f2-2352-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: 7d790d41-463f-11e9-9cea-000c29342cb1 // IVD: ef3378f2-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8766 // JVNDB: JVNDB-2011-005231 // CNNVD: CNNVD-201205-483 // NVD: CVE-2011-4519

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2011-005231 // NVD: CVE-2011-4519

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201205-483

TYPE

Buffer overflow

Trust: 1.0

sources: IVD: 7d790d41-463f-11e9-9cea-000c29342cb1 // IVD: ef3378f2-2352-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201205-483

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-005231

PATCH

title:	Version 8.1.5 (from 28.11.2011) - stable version	url:	http://www.promotic.eu/en/pmdoc/News.htm#ver80105	Trust: 0.8
title:	MICROSYS PROMOTIC ActiveX Component Stack Buffer Overflow Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/34303	Trust: 0.6

sources: CNVD: CNVD-2012-8766 // JVNDB: JVNDB-2011-005231

EXTERNAL IDS

db:	NVD	id:	CVE-2011-4519	Trust: 3.4
db:	ICS CERT	id:	ICSA-12-024-02	Trust: 3.3
db:	BID	id:	50133	Trust: 1.5
db:	CNVD	id:	CNVD-2012-8766	Trust: 1.0
db:	CNNVD	id:	CNNVD-201205-483	Trust: 1.0
db:	JVNDB	id:	JVNDB-2011-005231	Trust: 0.8
db:	IVD	id:	7D790D41-463F-11E9-9CEA-000C29342CB1	Trust: 0.2
db:	IVD	id:	EF3378F2-2352-11E6-ABEF-000C29C66E3D	Trust: 0.2

REFERENCES

url:	http://ics-cert.us-cert.gov/advisories/icsa-12-024-02	Trust: 3.0
url:	http://www.promotic.eu/en/pmdoc/news.htm#ver80105	Trust: 1.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4519	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4519	Trust: 0.8
url:	http://www.securityfocus.com/bid/50133	Trust: 0.6
url:	http://www.promotic.eu/en/promotic/scada-pm.htm	Trust: 0.3
url:	http://aluigi.altervista.org/adv/promotic_1-adv.txt	Trust: 0.3
url:	http://www.us-cert.gov/control_systems/pdf/icsa-12-024-02.pdf	Trust: 0.3

sources: CNVD: CNVD-2012-8766 // BID: 50133 // JVNDB: JVNDB-2011-005231 // CNNVD: CNNVD-201205-483 // NVD: CVE-2011-4519

CREDITS

Luigi Auriemma

Trust: 0.9

sources: BID: 50133 // CNNVD: CNNVD-201205-483

SOURCES

db:	IVD	id:	7d790d41-463f-11e9-9cea-000c29342cb1
db:	IVD	id:	ef3378f2-2352-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2012-8766
db:	BID	id:	50133
db:	JVNDB	id:	JVNDB-2011-005231
db:	CNNVD	id:	CNNVD-201205-483
db:	NVD	id:	CVE-2011-4519

LAST UPDATE DATE

2024-08-14T14:21:21.644000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2012-8766	date:	2012-05-28T00:00:00
db:	BID	id:	50133	date:	2011-10-14T00:00:00
db:	JVNDB	id:	JVNDB-2011-005231	date:	2013-05-27T00:00:00
db:	CNNVD	id:	CNNVD-201205-483	date:	2013-05-24T00:00:00
db:	NVD	id:	CVE-2011-4519	date:	2013-05-24T04:00:00

SOURCES RELEASE DATE

db:	IVD	id:	7d790d41-463f-11e9-9cea-000c29342cb1	date:	2012-05-28T00:00:00
db:	IVD	id:	ef3378f2-2352-11e6-abef-000c29c66e3d	date:	2012-05-28T00:00:00
db:	CNVD	id:	CNVD-2012-8766	date:	2012-05-28T00:00:00
db:	BID	id:	50133	date:	2011-10-14T00:00:00
db:	JVNDB	id:	JVNDB-2011-005231	date:	2013-05-27T00:00:00
db:	CNNVD	id:	CNNVD-201205-483	date:	1900-01-01T00:00:00
db:	NVD	id:	CVE-2011-4519	date:	2013-05-23T17:55:02.830