What is CVE-2011-4034?

CVE-2011-4034 is a vulnerability in Schneider-electric Citecthistorian, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2011-12-02.

Is CVE-2011-4034 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Schneider-electric Citecthistorian

CVE-2011-4034

Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to execute arbitrary…

Vulnerability class: Buffer Overflow

EPSS: 0.558 (98.1th percentile) — read the EPSS interpretation.

Affected products

Schneider-electric Citecthistorian — versions 4.20
Schneider-electric Citectscada_reports — versions 4.0
Schneider-electric Vijeo_historian — versions 4.0, 4.10, 4.20
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

cret@cert.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
cret@cert.org (US Government Resource, Patch, x_refsource_MISC)
cret@cert.org (x_refsource_CONFIRM, Patch, Vendor Advisory)

Frequently asked questions

What is CVE-2011-4034?: CVE-2011-4034 is a vulnerability in Schneider-electric Citecthistorian, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2011-12-02.
Is CVE-2011-4034 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.