CyberSec.Space Logo
Back to CVE Browser

CVE-2011-0342

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1200%
EPSS Percentile10.87th
PublishedSep 2, 2011
Last ModifiedApr 29, 2026

Vulnerability Description

Multiple buffer overflows in the InduSoft ISSymbol ActiveX control in ISSymbol.ocx 301.1104.601.0 in InduSoft Web Studio 7.0B2 hotfix 7.0.01.04 allow remote attackers to execute arbitrary code via a long parameter to the (1) Open, (2) Close, or (3) SetCurrentLanguage method.

Affected Platforms (CPE)

πŸ“¦
Indusoft

Web Studio

= 7.0b2

References & Advisories

πŸ”— http://ics-cert.us-cert.gov/advisories/ICSA-11-273-02
πŸ”— http://secunia.com/advisories/44875
πŸ”— http://secunia.com/secunia_research/2011-61/
πŸ”— http://www.indusoft.com/hotfixes/hotfixes.php
πŸ”— http://www.securityfocus.com/bid/49403
πŸ”— http://ics-cert.us-cert.gov/advisories/ICSA-11-273-02
πŸ”— http://secunia.com/advisories/44875
πŸ”— http://secunia.com/secunia_research/2011-61/

Related Vulnerabilities

CVE-2011-405110.0

CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authenticati...

CVE-2011-190010.0

Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 6.1 and 7.x before 7.0+Patch 1 allows remote attackers to ...

CVE-2011-048810.0

Stack-based buffer overflow in NTWebServer.exe in the test web service in InduSoft NTWebServer, as distributed in Advantech Studio...

CVE-2012-123910.0

The TopAccess web-based management interface on TOSHIBA TEC e-Studio multi-function peripheral (MFP) devices with firmware 30x thr...