What is CVE-2011-2089?

CVE-2011-2089 is a vulnerability in Iconics Bizviz, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2011-05-13.

Is CVE-2011-2089 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Iconics Bizviz

CVE-2011-2089

Stack-based buffer overflow in the SetActiveXGUID method in the VersionInfo ActiveX control in GenVersion.dll 8.0.138.0 in the WebHMI subsystem in ICONICS BizViz 9.x before 9.22 and GENESIS32 9.x before 9.22 allows remote attackers to exec…

Vulnerability class: Buffer Overflow

EPSS: 0.746 (98.9th percentile) — read the EPSS interpretation.

Affected products

Iconics Bizviz — versions 9.0, 9.01, 9.1
Iconics Genesis32 — versions 9.0, 9.1, 9.01
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

cve@mitre.org (Exploit, x_refsource_MISC)
72135 (x_refsource_OSVDB, vdb-entry)
44417 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (US Government Resource, x_refsource_MISC)
ADV-2011-1174 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
47704 (Exploit, vdb-entry, x_refsource_BID)
17240 (Exploit, exploit, x_refsource_EXPLOIT-DB)
17269 (Exploit, exploit, x_refsource_EXPLOIT-DB)
webhmi-activex-bo(67267) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2011-2089?: CVE-2011-2089 is a vulnerability in Iconics Bizviz, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2011-05-13.
Is CVE-2011-2089 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.