CVE-2011-3330
Last modified
CVE-2011-3330 is a vulnerability of currently unknown severity. Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 and earlier, Monitor Pro 7.6 and earlier, and PL7 Pro 4.5 and earlier, allows local users, and possibly remote attackers, to execute arbitrary code via an unspecified system parameter.. EPSS estimates a 1.30% chance of exploitation in the next 30 days.
Description
Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 and earlier, Monitor Pro 7.6 and earlier, and PL7 Pro 4.5 and earlier, allows local users, and possibly remote attackers, to execute arbitrary code via an unspecified system parameter.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Schneider-Electric | Monitor Pro | <= 7.6 | — |
| Schneider-Electric | Opc Factory Server | <= 3.34 | — |
| Schneider-Electric | Pl7 Pro | <= 4.5 | Sp5 |
| Schneider-Electric | Telemecanique Driver Pack | <= 2.6 | — |
| Schneider-Electric | Unity Pro | <= 6.0 | — |
| Schneider-Electric | Vijeo Citect | <= 7.20 | — |
References
- http://secunia.com/advisories/46534Vendor Advisory
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-277-01.pdfUS Government Resource
- http://secunia.com/advisories/46534Vendor Advisory
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-277-01.pdfUS Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2011-3330?
How severe is CVE-2011-3330?
How do I fix CVE-2011-3330?
Are you affected by CVE-2011-3330?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST