CVE-2011-3321: Buffer Overflow
First published: Thu Sep 15 2011(Updated: )
Heap-based buffer overflow in the Siemens WinCC Runtime Advanced Loader, as used in SIMATIC WinCC flexible Runtime and SIMATIC WinCC (TIA Portal) Runtime Advanced, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted packet to TCP port 2308.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Siemens Simatic Wincc Runtime | ||
| Siemens Simatic Wincc Flexible Runtime |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-244-01.pdf
- http://support.automation.siemens.com/WW/view/en/29054992
- http://cache.automation.siemens.com/dnl/jI/jI0NDY5AAAA_29054992_FAQ/Siemens_Security_Advisory_SSA-460621_V1_2.pdf
- http://secunia.com/advisories/46011
- https://exchange.xforce.ibmcloud.com/vulnerabilities/69803
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/siemens
- canonical/siemens simatic wincc runtime
- canonical/siemens simatic wincc flexible runtime