CVE-2011-4519
published 2013-05-23CVE-2011-4519: Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web…
PriorityP427medium4.3CVSS 2.0
AVNACMAuNCNINAP
EXPLOIT
EPSS
2.34%
81.5th percentile
Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsys | promotic | <= 8.1.4 | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
| microsys | promotic | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3r6v-xfcc-8x46: Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8
ghsa_unreviewed·2022-05-17
CVE-2011-4519 [MEDIUM] CWE-119 GHSA-3r6v-xfcc-8x46: Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8
Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
CISA ICS
MICROSYS PROMOTIC Vulnerabilities
cisa_ics·2018-09-06
MICROSYS PROMOTIC Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
MICROSYS PROMOTIC Vulnerabilities
Last RevisedSeptember 06, 2018
Alert Code ICSA-12-024-02
## Overview
This advisory is a follow-up to ICS-ALERT-11-286-01 - MICROSYS PROMOTIC Vulnerabilities, released to the ICS-CERT Web page on October 12, 2011.
Independent researcher Luigi Auriemma has identified and released three vulnerabilities in MICROSYS, spol. s r.o. PROMOTIC application without coordination with ICS-CERT, the vendor, or any other known coordinating entity. The vulnerabilities include directory traversal, ActiveX heap overflow, and ActiveX stack overflow vulnerabilities
No detection rules found.
No writeups or analysis indexed.
2013-05-23
Published