CVE-2007-4827

Sažetak

Unspecified vulnerability in the Modbus/TCP Diagnostic function in MiniHMI.exe for the Automated Solutions Modbus Slave ActiveX Control before 1.5 allows remote attackers to corrupt the heap and possibly execute arbitrary code via malformed Modbus requests to TCP port 502.

Reference

http://dvlabs.tippingpoint.com/advisory/TPTI-07-15
http://osvdb.org/38259
http://www.automatedsolutions.com/pub/asmbslv/ReadMe.htm
http://www.kb.cert.org/vuls/id/981849
http://www.nessus.org/plugins/index.php?view=single&id=26066
http://www.securityfocus.com/archive/1/479967/100/0/threaded
http://www.securityfocus.com/bid/25713
http://www.securitytracker.com/id?1018707
https://exchange.xforce.ibmcloud.com/vulnerabilities/36677

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

15-10-2018 - 21:38

Objavljeno

19-09-2007 - 18:17