CVE Vulnerability

CVE-2008-2474

Buffer overflow in x87 before 3.5.5 in ABB Process Communication Unit 400 (PCU400) 4.4 through 4.6 allows remote attackers to execute arbitrary code via a crafted packet using the (1) IEC60870-5-101 or (2) IEC60870-5-104 communication protocol to the X87 web interface.

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.kb.cert.org/vuls/id/343971 US Government Resource
http://www.securityfocus.com/bid/31391
http://www.kb.cert.org/vuls/id/CTAR-7JTNRX
http://securityreason.com/securityalert/4320
http://secunia.com/advisories/32047
http://www.securityfocus.com/archive/1/496739/100/0/threaded
Configurations

Configuration 1

cpe:2.3:h:abb:pcu400:4.6:*:*:*:*:*:*:*
cpe:2.3:h:abb:pcu400:4.5:*:*:*:*:*:*:*
cpe:2.3:h:abb:pcu400:4.4:*:*:*:*:*:*:*
Information

Published : 2008-09-29 05:17

Updated : 2018-10-11 08:41

NVD link : CVE-2008-2474

Mitre link : CVE-2008-2474

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer