CVE Vulnerabilities

CVE-2011-4039

Published: Feb 10, 2012 | Modified: Feb 14, 2012
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows user-assisted remote attackers to execute arbitrary code via a malformed file that triggers a write access violation.

Affected Software

Name Vendor Start Version End Version
Wonderware_hmi_reports Invensys * 3.42.835.0304
Dream_report Dreamreport 3.41 3.41
Dream_report Dreamreport * 3.43
Dream_report Dreamreport 3.21 3.21
Dream_report Dreamreport 3.42 3.42

References