CVE-2011-4034

Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
schneider-electricvijeo_historian
𝑥
≤ 4.30
schneider-electricvijeo_historian
4.0
schneider-electricvijeo_historian
4.10
schneider-electricvijeo_historian
4.20
schneider-electriccitecthistorian
𝑥
≤ 4.30
schneider-electriccitecthistorian
4.20
schneider-electriccitectscada_reports
𝑥
≤ 4.10
schneider-electriccitectscada_reports
4.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.citect.com/index.php?option=com_content&view=article&id=1656&Itemid=1695
http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page
http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf
http://www.citect.com/index.php?option=com_content&view=article&id=1656&Itemid=1695
http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page
http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf