CVE-2011-2957

Sažetak

Unspecified vulnerability in Rockwell Automation FactoryTalk Diagnostics Viewer before V2.30.00 (CPR9 SR3) allows local users to execute arbitrary code via a crafted FactoryTalk Diagnostics Viewer (.ftd) configuration file, which triggers memory corruption.

Reference

http://rockwellautomation.custhelp.com/app/answers/detail/a_id/448424
http://www.securityfocus.com/bid/48962
http://www.us-cert.gov/control_systems/pdf/ICSA-11-175-01.pdf

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

12-08-2011 - 02:45

Objavljeno

28-07-2011 - 18:55