Lucene search

MitreCVE-2011-5089

HistoryApr 18, 2012 - 5:55 p.m.

CVE-2011-5089

2012-04-1817:55:01

CWE-119

mitre

web.nvd.nist.gov

cve-2011-5089

buffer overflow

security login

activex controls

iconics genesis32

bizviz

denial of service

remote attackers

arbitrary code

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.5

Confidence

High

EPSS

0.042

Percentile

92.2%

JSON

Buffer overflow in the Security Login ActiveX controls in ICONICS GENESIS32 8.05, 9.0, 9.1, and 9.2 and BizViz 8.05, 9.0, 9.1, and 9.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long password.

Affected configurations

Nvd

Node

iconicsgenesis32Match8.05

iconicsgenesis32Match9.0

iconicsgenesis32Match9.1

iconicsgenesis32Match9.2

Node

iconicsbizvizMatch8.05

iconicsbizvizMatch9.0

iconicsbizvizMatch9.1

iconicsbizvizMatch9.2

VendorProductVersionCPE
iconicsgenesis328.05cpe:2.3:a:iconics:genesis32:8.05:*:*:*:*:*:*:*
iconicsgenesis329.0cpe:2.3:a:iconics:genesis32:9.0:*:*:*:*:*:*:*
iconicsgenesis329.1cpe:2.3:a:iconics:genesis32:9.1:*:*:*:*:*:*:*
iconicsgenesis329.2cpe:2.3:a:iconics:genesis32:9.2:*:*:*:*:*:*:*
iconicsbizviz8.05cpe:2.3:a:iconics:bizviz:8.05:*:*:*:*:*:*:*
iconicsbizviz9.0cpe:2.3:a:iconics:bizviz:9.0:*:*:*:*:*:*:*
iconicsbizviz9.1cpe:2.3:a:iconics:bizviz:9.1:*:*:*:*:*:*:*
iconicsbizviz9.2cpe:2.3:a:iconics:bizviz:9.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
iconics	genesis32	8.05	cpe:2.3:a:iconics:genesis32:8.05:::::::*
iconics	genesis32	9.0	cpe:2.3:a:iconics:genesis32:9.0:::::::*
iconics	genesis32	9.1	cpe:2.3:a:iconics:genesis32:9.1:::::::*
iconics	genesis32	9.2	cpe:2.3:a:iconics:genesis32:9.2:::::::*
iconics	bizviz	8.05	cpe:2.3:a:iconics:bizviz:8.05:::::::*
iconics	bizviz	9.0	cpe:2.3:a:iconics:bizviz:9.0:::::::*
iconics	bizviz	9.1	cpe:2.3:a:iconics:bizviz:9.1:::::::*
iconics	bizviz	9.2	cpe:2.3:a:iconics:bizviz:9.2:::::::*

References

www.us-cert.gov/control_systems/pdf/ICSA-11-182-02.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/74932

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.5

Confidence

High

EPSS

0.042

Percentile

92.2%

JSON

Related for CVE-2011-5089