Buffer overflow in Advantech Advantech_studio

CVE-2011-0488

Stack-based buffer overflow in NTWebServer.exe in the test web service in InduSoft NTWebServer, as distributed in Advantech Studio 6.1 and InduSoft Web Studio 7.0, allows remote attackers to cause a denial of service (daemon crash) or poss…

Vulnerability class: Buffer Overflow

EPSS: 0.170 (95.1th percentile) — read the EPSS interpretation.

Affected products

Advantech Advantech_studio — versions 6.1
Indusoft Web_studio — versions 7.0
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

42903 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
70396 (x_refsource_OSVDB, vdb-entry)
cve@mitre.org (x_refsource_MISC)
VU#506864 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)
ADV-2011-0093 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
cve@mitre.org (US Government Resource, x_refsource_MISC)
ADV-2011-0092 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
42883 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)