{
"id": 914,
"title": "RVD#914: Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys",
"type": "vulnerability",
"description": "Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and earlier, as used on the ABB AC500 PLC and possibly other products, allows remote attackers to execute arbitrary code via a long URI to TCP port 8080.",
"cwe": "None",
"cve": "CVE-2011-5007",
"keywords": "['robot component: ABB AC500 PLC']",
"system": "ABB AC500 PLC",
"vendor": "ABB",
"severity": {
"rvss-score": 8.5,
"rvss-vector": "RVSS:1.0/AV:RN/AC:L/PR:N/UI:R/Y:M/S:U/C:H/I:N/A:L/H:N",
"severity-description": "",
"cvss-score": 10.0,
"cvss-vector": "CVSS:3.0/AV:N/AC:L/Au:N/C:C/I:C/A:C"
},
"links": [
"https://vulners.com/cve/CVE-2011-5007",
"https://github.com/aliasrobotics/RVD/issues/914"
],
"flaw": {
"phase": "unknown",
"specificity": "N/A",
"architectural-location": "N/A",
"application": "N/A",
"subsystem": "N/A",
"package": "N/A",
"languages": "None",
"date-detected": "",
"detected-by": "",
"detected-by-method": "N/A",
"date-reported": "2011-12-25",
"reported-by": "",
"reported-by-relationship": "N/A",
"issue": "https://github.com/aliasrobotics/RVD/issues/914",
"reproducibility": "",
"trace": "",
"reproduction": "",
"reproduction-image": ""
},
"exploitation": {
"description": "",
"exploitation-image": "",
"exploitation-vector": ""
},
"mitigation": {
"description": "",
"pull-request": "",
"date-mitigation": null
}
}