Summary
The host is running Schneider Electric Accutech Manager and is prone to buffer overflow vulnerability.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code or cause the application to crash, creating a denial-of-service condition.
Impact Level: System/Application
Solution
Upgrade to Schneider Electric Accutech Manager 2.00.4 or later.
For updates refer to http://www.schneider-electric.com/site/home/index.cfm/ww/
Insight
The flaw is caused by an unspecified error, which can be exploited to cause a heap-based buffer overflow by sending a specially crafted GET request with more than 260 bytes to TCP port 2537.
Affected
Schneider Electric Accutech Manager version 2.00.1 and prior.
References
Severity
Classification
-
CVE CVE-2013-0658 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Shockwave Player ActiveX Control BOF Vulnerability
- Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Windows)
- ACDSee FotoSlate PLP Multiple Buffer Overflow Vulnerabilities
- DATAC RealWin SCADA Server On_FC_CONNECT_FCS_a_FILE Buffer Overflow Vulnerability
- avast! 'aswRdr.sys' Buffer Overflow Vulnerability