Release DateDec 22, 2011 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against an Integer Overflow vulnerability in Smart Software Solutions CoDeSys.The vulnerability is due to a lack of validation of a user-supplied length value. Successful attacks may allow attackers to execute arbitrary code within the context of the service. |
Affected ProductsSmart Software Solutions CoDeSys 3.4 SP4 patch 2 and prior |
Recommended ActionsCurrently we are not aware of any vendor supplied patches. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2011-5008 |
Reference/shttps://portal.telussecuritylabs.com/threat/TSL20111202-08http://www.securityfocus.com/bid/50849 (BugTraq) |
