CVE-2013-0662 Information

Description

Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header.

Reference

http://download.schneider-electric.com/files?p_Doc_Ref=SEVD202013-070-01 http://ics-cert.us-cert.gov/advisories/ICSA-14-086-01 http://www.securityfocus.com/bid/66500 https://www.exploit-db.com/exploits/45219/ https://www.exploit-db.com/exploits/45220/