CVE-2011-2962
Invensys Wonderware Information Server 3.1, 4.0, and 4.0 SP1 - Stack-Based Buffer Overflow via ActiveX Controls
Title source: llmDescription
Multiple stack-based buffer overflows in Invensys Wonderware Information Server 3.1, 4.0, and 4.0 SP1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via two unspecified ActiveX controls.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/48976
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/68988
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/45476
US Government Resource x_refsource_misc
http://www.us-cert.gov/control_systems/pdf/ICSA-11-195-01.pdf
Scores
EPSS
0.0456
EPSS Percentile
90.5%
Details
CWE
CWE-119
Status
published
Products (2)
invensys/wonderware_information_server
3.1
invensys/wonderware_information_server
4.0 (2 CPE variants)
Published
Jul 29, 2011
Tracked Since
Feb 18, 2026