CVE Vulnerability

CVE-2007-4827

Unspecified vulnerability in the Modbus/TCP Diagnostic function in MiniHMI.exe for the Automated Solutions Modbus Slave ActiveX Control before 1.5 allows remote attackers to corrupt the heap and possibly execute arbitrary code via malformed Modbus requests to TCP port 502.

7.5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

References
Link Resource
http://dvlabs.tippingpoint.com/advisory/TPTI-07-15 Patch
http://www.automatedsolutions.com/pub/asmbslv/ReadMe.htm Patch
http://www.securityfocus.com/bid/25713
http://www.nessus.org/plugins/index.php?view=single&id=26066
http://www.securitytracker.com/id?1018707
http://osvdb.org/38259
http://www.kb.cert.org/vuls/id/981849 US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/36677
http://www.securityfocus.com/archive/1/479967/100/0/threaded
Configurations

Configuration 1

cpe:2.3:a:automated_solutions:modbus_slave_activex_control:*:*:*:*:*:*:*:*
Information

Published : 2007-09-19 06:17

Updated : 2018-10-15 09:38

NVD link : CVE-2007-4827

Mitre link : CVE-2007-4827

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer