CVE-2011-3498

Progea Movicon/PowereHMI <11.2.1085 - Buffer Overflow

Title source: llm

Description

Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request.

Exploits (1)

exploitdb WRITEUP

doswindows

https://www.exploit-db.com/exploits/17842

View Code ZIP pw:eip

References (3)

[Exploit] http://aluigi.altervista.org/adv/movicon_1-adv.txt

[US Government Resource] http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-01.pdf

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/69788

Scores

EPSS 0.5704

EPSS Percentile 98.2%

Details

CWE

CWE-119

Status published

Products (3)

progea/movicon_powerhmi 11

progea/movicon_powerhmi 11.0.1017

progea/movicon_powerhmi < 11.2.1085

Published Sep 16, 2011

Tracked Since Feb 18, 2026