3ssoftware » Codesys : Security Vulnerabilities, CVEs, CVSS score >= 7
Integer overflow in the GatewayService component in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attackers to execute arbitrary code via a large size value in the packet header, which triggers a heap-based buffer overflow.
Max CVSS
7.5
EPSS Score
45.79%
Published
2011-12-25
Updated
2017-08-29
CVE-2011-5007
Public exploit
Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and earlier, as used on the ABB AC500 PLC and possibly other products, allows remote attackers to execute arbitrary code via a long URI to TCP port 8080.
Max CVSS
10.0
EPSS Score
70.74%
Published
2011-12-25
Updated
2013-05-21
2 vulnerabilities found