CVE-2011-4881

EUVD-2011-4798
The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly check return values from functions, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted HTTP request.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 97%
Affected Products (NVD)
VendorProductVersion
atvisewebmi2ads
𝑥
≤ 2.0.1
atvisewebmi2ads
1.0
atvisewebmi2ads
2.0
𝑥
= Vulnerable software versions
References
http://www.us-cert.gov/control_systems/pdf/ICSA-12-102-01.pdf
http://www.us-cert.gov/control_systems/pdf/ICSA-12-102-01.pdf