Buffer overflow in Schneider-electric Monitor_pro

CVE-2011-3330

Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 and earlier, Monitor Pro 7.6 and earlier…

Vulnerability class: Buffer Overflow

EPSS: 0.015 (81.3th percentile) — read the EPSS interpretation.

Affected products

Schneider-electric Monitor_pro
Schneider-electric Opc_factory_server
Schneider-electric Pl7_pro
Schneider-electric Telemecanique_driver_pack
Schneider-electric Unity_pro
Schneider-electric Vijeo_citect
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

schneider-unitelway-bo(70882) (vdb-entry, x_refsource_XF)
50319 (vdb-entry, x_refsource_BID)
cret@cert.org (US Government Resource, x_refsource_MISC)
cret@cert.org (x_refsource_CONFIRM, Vendor Advisory)
46534 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
1026234 (vdb-entry, x_refsource_SECTRACK)