Lucene search

[email protected]CVE-2007-4827

HistorySep 19, 2007 - 6:17 p.m.

CVE-2007-4827

2007-09-1918:17:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-4827

modbus/tcp

minihmi.exe

automated solutions

modbus slave

activex control

heap corruption

arbitrary code execution

remote attack

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.337 Low

EPSS

Percentile

97.1%

JSON

Unspecified vulnerability in the Modbus/TCP Diagnostic function in MiniHMI.exe for the Automated Solutions Modbus Slave ActiveX Control before 1.5 allows remote attackers to corrupt the heap and possibly execute arbitrary code via malformed Modbus requests to TCP port 502.

Affected configurations

NVD

Node

automated_solutionsmodbus_slave_activex_controlRange≤1.4

CPENameOperatorVersion
automated_solutions:modbus_slave_activex_controlautomated solutions modbus slave activex controlle1.4

CPE	Name	Operator	Version
automated_solutions:modbus_slave_activex_control	automated solutions modbus slave activex control	le	1.4

References

dvlabs.tippingpoint.com/advisory/TPTI-07-15

osvdb.org/38259

www.automatedsolutions.com/pub/asmbslv/ReadMe.htm

www.kb.cert.org/vuls/id/981849

www.nessus.org/plugins/index.php?view=single&id=26066

www.securityfocus.com/archive/1/479967/100/0/threaded

www.securityfocus.com/bid/25713

www.securitytracker.com/id?1018707

exchange.xforce.ibmcloud.com/vulnerabilities/36677

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.337 Low

EPSS

Percentile

97.1%

JSON

Related for CVE-2007-4827

prion1 securityvulns2 cert1 nvd1 cvelist1