CVE-2011-1564
CVE-2011-1564
Multiple integer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6.1.10.10) and earlier allow remote attackers to execute arbitrary code via crafted (1) On_FC_MISC_FCS_MSGBROADCAST and (2) On_FC_MISC_FCS_MSGSEND packets, which trigger a heap-based buffer overflow.
Affected products
n/a · n/apublic PoCs found — 2
exploitdbwww.exploit-db.com/exploits/17025unverifiedcve_referencewww.exploit-db.com/exploits/17025unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://aluigi.org/adv/realwin_6-adv.txthttp://secunia.com/advisories/43848http://securityreason.com/securityalert/8177http://www.exploit-db.com/exploits/17025http://www.securityfocus.com/bid/46937http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-04.pdfhttp://www.vupen.com/english/advisories/2011/0742