Vulnerability Description
Multiple stack-based buffer overflows in GE Intelligent Platforms Proficy Applications before 4.4.1 SIM 101 and 5.x before 5.0 SIM 43 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted TCP message traffic to (1) PRProficyMgr.exe in Proficy Server Manager, (2) PRGateway.exe in Proficy Server Gateway, (3) PRRDS.exe in Proficy Remote Data Service, or (4) PRLicenseMgr.exe in Proficy Server License Manager.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ge | Intelligent Platforms Proficy Historian | <= 4.4.1 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/50474
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-243-01.pdfUS Government Resource
- http://www.securityfocus.com/bid/50474
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-243-01.pdfUS Government Resource
FAQ
What is CVE-2011-1919?
CVE-2011-1919 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple stack-based buffer overflows in GE Intelligent Platforms Proficy Applications before 4.4.1 SIM 101 and 5.x before 5.0 SIM 43 allow remote attackers to cause a denial of service (daemon crash)...
How severe is CVE-2011-1919?
CVE-2011-1919 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1919?
Check the references section above for vendor advisories and patch information. Affected products include: Ge Intelligent Platforms Proficy Historian.