Sign-up

ID

VAR-201305-0005


CVE

CVE-2011-4520


TITLE

MICROSYS PROMOTIC ActiveX Component Heap Buffer Overflow Vulnerability

Trust: 1.0

sources: IVD: 7d78e62e-463f-11e9-baca-000c29342cb1 // IVD: ef2d245c-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8765

DESCRIPTION

Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page. MICROSYS PROMOTIC is a SCADA software. PROMOTIC is prone to multiple security vulnerabilities. Exploiting these issues may allow remote attackers to execute arbitrary code within the context of the affected application or disclose sensitive information. PROMOTIC 8.1.3 is vulnerable; other versions may also be affected

Trust: 2.88

sources: NVD: CVE-2011-4520 // JVNDB: JVNDB-2011-005232 // CNVD: CNVD-2012-8765 // BID: 50133 // IVD: 7d78e62e-463f-11e9-baca-000c29342cb1 // IVD: ef2d245c-2352-11e6-abef-000c29c66e3d // VULMON: CVE-2011-4520

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.0

sources: IVD: 7d78e62e-463f-11e9-baca-000c29342cb1 // IVD: ef2d245c-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8765

AFFECTED PRODUCTS

vendor:microsysmodel:promoticscope:eqversion:8.0.5

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.1

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.2

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.11

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.0

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.10

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.4

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.12

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.13

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.3

Trust: 1.6

vendor:microsysmodel:promoticscope:eqversion:8.0.9

Trust: 1.0

vendor:microsysmodel:promoticscope:eqversion:8.0.6

Trust: 1.0

vendor:microsysmodel:promoticscope:eqversion:8.0.7

Trust: 1.0

vendor:microsysmodel:promoticscope:eqversion:8.1.0

Trust: 1.0

vendor:microsysmodel:promoticscope:eqversion:8.1.3

Trust: 1.0

vendor:microsysmodel:promoticscope:eqversion:8.1.2

Trust: 1.0

vendor:microsysmodel:promoticscope:lteversion:8.1.4

Trust: 1.0

vendor:microsysmodel:promoticscope:eqversion:8.1.1

Trust: 1.0

vendor:microsysmodel:promoticscope:eqversion:8.0.8

Trust: 1.0

vendor:microsysmodel:promoticscope:ltversion:8.1.5

Trust: 0.8

vendor:promoticmodel:promoticscope:eqversion:8.x

Trust: 0.6

vendor:promoticmodel: - scope:eqversion:8.0.0

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.1

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.2

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.3

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.4

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.5

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.6

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.7

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.8

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.9

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.10

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.11

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.12

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.0.13

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.1.0

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.1.1

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.1.2

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:8.1.3

Trust: 0.4

vendor:promoticmodel: - scope:eqversion:*

Trust: 0.4

vendor:promoticmodel:promoticscope:eqversion:8.1.3

Trust: 0.3

sources: IVD: 7d78e62e-463f-11e9-baca-000c29342cb1 // IVD: ef2d245c-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8765 // BID: 50133 // JVNDB: JVNDB-2011-005232 // NVD: CVE-2011-4520 // CNNVD: CNNVD-201205-484

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2011-4520
value: MEDIUM

Trust: 1.8

CNVD: CNVD-2012-8765
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201205-484
value: MEDIUM

Trust: 0.6

IVD: 7d78e62e-463f-11e9-baca-000c29342cb1
value: MEDIUM

Trust: 0.2

IVD: ef2d245c-2352-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

VULMON: CVE-2011-4520
value: MEDIUM

Trust: 0.1

NVD:
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: TRUE
version: 2.0

Trust: 1.0

NVD: CVE-2011-4520
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.9

CNVD: CNVD-2012-8765
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 7d78e62e-463f-11e9-baca-000c29342cb1
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: ef2d245c-2352-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: 7d78e62e-463f-11e9-baca-000c29342cb1 // IVD: ef2d245c-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-8765 // VULMON: CVE-2011-4520 // JVNDB: JVNDB-2011-005232 // NVD: CVE-2011-4520 // CNNVD: CNNVD-201205-484

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2011-005232 // NVD: CVE-2011-4520

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201205-484

TYPE

Buffer overflow

Trust: 1.0

sources: IVD: 7d78e62e-463f-11e9-baca-000c29342cb1 // IVD: ef2d245c-2352-11e6-abef-000c29c66e3d // CNNVD: CNNVD-201205-484

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2011-4520

EXPLOIT AVAILABILITY
sources:
            
            
            VULMON: CVE-2011-4520

PATCH
title:Version 8.1.5 (from 28.11.2011) - stable versionurl:http://www.promotic.eu/en/pmdoc/news.htm#ver80105
Trust: 0.8
title:MICROSYS PROMOTIC ActiveX Component Heap Buffer Overflow Vulnerability Patchurl:https://www.cnvd.org.cn/patchinfo/show/34304
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2012-8765 // 
            
            
            
            JVNDB: JVNDB-2011-005232

EXTERNAL IDS
db:NVDid:CVE-2011-4520
Trust: 3.5
db:ICS CERTid:ICSA-12-024-02
Trust: 3.4
db:BIDid:50133
Trust: 1.5
db:CNVDid:CNVD-2012-8765
Trust: 1.0
db:CNNVDid:CNNVD-201205-484
Trust: 1.0
db:JVNDBid:JVNDB-2011-005232
Trust: 0.8
db:IVDid:7D78E62E-463F-11E9-BACA-000C29342CB1
Trust: 0.2
db:IVDid:EF2D245C-2352-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:EXPLOIT-DBid:18049
Trust: 0.1
db:VULMONid:CVE-2011-4520
Trust: 0.1
sources:
            
            
            IVD: 7d78e62e-463f-11e9-baca-000c29342cb1 // 
            
            
            
            IVD: ef2d245c-2352-11e6-abef-000c29c66e3d // 
            
            
            
            CNVD: CNVD-2012-8765 // 
            
            
            
            VULMON: CVE-2011-4520 // 
            
            
            
            BID: 50133 // 
            
            
            
            JVNDB: JVNDB-2011-005232 // 
            
            
            
            NVD: CVE-2011-4520 // 
            
            
            
            CNNVD: CNNVD-201205-484

REFERENCES
url:http://ics-cert.us-cert.gov/advisories/icsa-12-024-02
Trust: 3.2
url:http://www.promotic.eu/en/pmdoc/news.htm#ver80105
Trust: 2.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4520
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4520
Trust: 0.8
url:http://www.securityfocus.com/bid/50133
Trust: 0.6
url:http://www.promotic.eu/en/promotic/scada-pm.htm
Trust: 0.3
url:http://aluigi.altervista.org/adv/promotic_1-adv.txt
Trust: 0.3
url:http://www.us-cert.gov/control_systems/pdf/icsa-12-024-02.pdf
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/119.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.exploit-db.com/exploits/18049/
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2012-8765 // 
            
            
            
            VULMON: CVE-2011-4520 // 
            
            
            
            BID: 50133 // 
            
            
            
            JVNDB: JVNDB-2011-005232 // 
            
            
            
            NVD: CVE-2011-4520 // 
            
            
            
            CNNVD: CNNVD-201205-484

CREDITS
Luigi Auriemma
Trust: 0.9
sources:
            
            
            BID: 50133 // 
            
            
            
            CNNVD: CNNVD-201205-484

SOURCES
db:IVDid:7d78e62e-463f-11e9-baca-000c29342cb1
db:IVDid:ef2d245c-2352-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2012-8765
db:VULMONid:CVE-2011-4520
db:BIDid:50133
db:JVNDBid:JVNDB-2011-005232
db:NVDid:CVE-2011-4520
db:CNNVDid:CNNVD-201205-484

LAST UPDATE DATE
2023-12-18T12:09:22.208000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2012-8765date:2012-05-28T00:00:00
db:VULMONid:CVE-2011-4520date:2013-05-24T00:00:00
db:BIDid:50133date:2011-10-14T00:00:00
db:JVNDBid:JVNDB-2011-005232date:2013-05-27T00:00:00
db:NVDid:CVE-2011-4520date:2013-05-24T04:00:00
db:CNNVDid:CNNVD-201205-484date:2013-05-24T00:00:00

SOURCES RELEASE DATE
db:IVDid:7d78e62e-463f-11e9-baca-000c29342cb1date:2012-05-28T00:00:00
db:IVDid:ef2d245c-2352-11e6-abef-000c29c66e3ddate:2012-05-28T00:00:00
db:CNVDid:CNVD-2012-8765date:2012-05-28T00:00:00
db:VULMONid:CVE-2011-4520date:2013-05-23T00:00:00
db:BIDid:50133date:2011-10-14T00:00:00
db:JVNDBid:JVNDB-2011-005232date:2013-05-27T00:00:00
db:NVDid:CVE-2011-4520date:2013-05-23T17:55:02.850
db:CNNVDid:CNNVD-201205-484date:1900-01-01T00:00:00