CyberSec.Space Logo
Back to CVE Browser

CVE-2011-0340

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.1560%
EPSS Percentile42.44th
PublishedMay 4, 2011
Last ModifiedApr 29, 2026

Vulnerability Description

Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 301.1009.2904.0 in the ISSymbol virtual machine, as distributed in Advantech Studio 6.1 SP6 61.6.01.05, InduSoft Web Studio before 7.0+SP1, and InduSoft Thin Client 7.0, allow remote attackers to execute arbitrary code via a long (1) InternationalOrder, (2) InternationalSeparator, or (3) LogFileName property value; or (4) a long bstrFileName argument to the OpenScreen method.

Affected Platforms (CPE)

πŸ“¦
Advantech

Advantech Studio

= 6.1
πŸ“¦
Indusoft

Thin Client

= 7.0
πŸ“¦
Indusoft

Web Studio

<= 7.0
πŸ“¦
Indusoft

Web Studio

= 6.1
πŸ“¦
Indusoft

Web Studio

= 6.1

References & Advisories

πŸ”— http://ics-cert.us-cert.gov/advisories/ICSA-12-249-03
πŸ”— http://secunia.com/advisories/42928
πŸ”— http://secunia.com/advisories/43116
πŸ”— http://secunia.com/secunia_research/2011-36/
πŸ”— http://secunia.com/secunia_research/2011-37/
πŸ”— http://www.advantechdirect.com/eMarketingPrograms/AStudio_Patch/AStudio7.0_Patch_Final.htm
πŸ”— http://www.indusoft.com/hotfixes/hotfixes.php
πŸ”— http://www.securityfocus.com/bid/47596

Related Vulnerabilities

CVE-2011-048810.0

Stack-based buffer overflow in NTWebServer.exe in the test web service in InduSoft NTWebServer, as distributed in Advantech Studio...

CVE-2013-16277.8

Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier a...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...