CVE-2008-2474
CVE-2008-2474
10.0
CriticalPublished:
Last updated:
Source:cret@cert.org
Modified
Weakness (CWE)
CVSS Vector
v2.0- Attack Vector
- Network
- Attack Complexity
- Low
- Authentication
- None
- Confidentiality
- Complete
- Integrity
- Complete
- Availability
- Complete
Description
Buffer overflow in x87 before 3.5.5 in ABB Process Communication Unit 400 (PCU400) 4.4 through 4.6 allows remote attackers to execute arbitrary code via a crafted packet using the (1) IEC60870-5-101 or (2) IEC60870-5-104 communication protocol to the X87 web interface.
References
cret@cert.org
http://secunia.com/advisories/32047cret@cert.org
http://securityreason.com/securityalert/4320cret@cert.org
http://www.kb.cert.org/vuls/id/343971cret@cert.org
http://www.kb.cert.org/vuls/id/CTAR-7JTNRXcret@cert.org
http://www.securityfocus.com/bid/31391af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32047af854a3a-2127-422b-91ae-364da2661108
http://securityreason.com/securityalert/4320af854a3a-2127-422b-91ae-364da2661108
http://www.kb.cert.org/vuls/id/343971af854a3a-2127-422b-91ae-364da2661108
http://www.kb.cert.org/vuls/id/CTAR-7JTNRXaf854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/496739/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/31391