CVE-2011-2530

Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware Installation Tool 1.0.5.1 and earlier in Rockwell Automation RSLinx Classic before 2.58 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed .eds file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
rockwellautomationrslinx
𝑥
< 2.58
rockwellautomationeds_hardware_installation_tool
𝑥
≤ 1.0.5.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://rockwellautomation.custhelp.com/app/answers/detail/a_id/279194
http://www.kb.cert.org/vuls/id/127584
http://www.kb.cert.org/vuls/id/MAPG-8G9PWX
http://www.securityfocus.com/bid/48092
http://rockwellautomation.custhelp.com/app/answers/detail/a_id/279194
http://www.kb.cert.org/vuls/id/127584
http://www.kb.cert.org/vuls/id/MAPG-8G9PWX
http://www.securityfocus.com/bid/48092