Vulnerability Details : CVE-2011-3992
Buffer overflow in the SSH server functionality on the D-Link DES-3800 with firmware before 4.50B052, DWL-2100AP with firmware before 2.50RC548, and DWL-3200AP with firmware before 2.55RC549 allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors.
Vulnerability category: OverflowExecute codeDenial of service
Products affected by CVE-2011-3992
- cpe:2.3:h:dlink:des-3800:*:*:*:*:*:*:*:*
- cpe:2.3:h:dlink:dwl-2100ap:*:*:*:*:*:*:*:*
- cpe:2.3:a:dlink:dwl-2100ap_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:h:dlink:dwl-3200ap:*:*:*:*:*:*:*:*
- cpe:2.3:a:dlink:dwl-3200ap_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:a:dlink:dwl-3200ap_firmware:2.40:*:*:*:*:*:*:*
- cpe:2.3:o:dlink:des-3800_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:dlink:des-3800_firmware:4.00:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-3992
2.37%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 84 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-3992
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2011-3992
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-3992
-
http://www.securityfocus.com/bid/50405
D-Link Multiple Products Unspecified Remote Buffer Overflow Vulnerability
-
http://jvn.jp/en/jp/JVN72640744/index.html
JVN#72640744: Multiple D-Link products vulnerable to buffer overflow
-
http://www.dlink-jp.com/page/sc/F/security_info20111028.html
Nothing found for Page Sc F Security_Info20111028
-
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000092
JVNDB-2011-000092 - JVN iPedia - 脆弱性対策情報データベース
-
http://osvdb.org/76628
Jump to