Vulnerability Description
Unspecified vulnerability in Rockwell Automation FactoryTalk Diagnostics Viewer before V2.30.00 (CPR9 SR3) allows local users to execute arbitrary code via a crafted FactoryTalk Diagnostics Viewer (.ftd) configuration file, which triggers memory corruption.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rockwellautomation | Factorytalk Diagnostics Viewer | <= 2.10.02 |
References
- http://rockwellautomation.custhelp.com/app/answers/detail/a_id/448424
- http://www.securityfocus.com/bid/48962
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-175-01.pdfUS Government Resource
- http://rockwellautomation.custhelp.com/app/answers/detail/a_id/448424
- http://www.securityfocus.com/bid/48962
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-175-01.pdfUS Government Resource
FAQ
What is CVE-2011-2957?
CVE-2011-2957 is a vulnerability with a CVSS score of 6.9 (MEDIUM). Unspecified vulnerability in Rockwell Automation FactoryTalk Diagnostics Viewer before V2.30.00 (CPR9 SR3) allows local users to execute arbitrary code via a crafted FactoryTalk Diagnostics Viewer (.f...
How severe is CVE-2011-2957?
CVE-2011-2957 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-2957?
Check the references section above for vendor advisories and patch information. Affected products include: Rockwellautomation Factorytalk Diagnostics Viewer.