CVE-2011-1568 Information

Feb 14, 2021 cve

Description

Format string vulnerability in the logText function in shmemmgr9.dll in IGSSdataServer.exe 9.00.00.11074 and 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to cause a denial of service and possibly execute arbitrary code as demonstrated using the RMS Reports Delete command related to the logging of messages to GSST.LOG. NOTE: some of these details are obtained from third party information.

Reference

http://aluigi.org/adv/igss_6-adv.txt http://secunia.com/advisories/43849 http://securityreason.com/securityalert/8182 http://www.exploit-db.com/exploits/17024 http://www.securityfocus.com/bid/46936 http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-03.pdf http://www.vupen.com/english/advisories/2011/0741

Share on: