CVE-2011-4034

Steema TeeChart ActiveX < - Buffer Overflow

Title source: llm

Description

Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors.

Exploits (1)

metasploit WORKING POC NORMAL

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/teechart_pro.rb

View Code ZIP pw:eip

References (3)

[Patch, Vendor Advisory] http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page

[Patch, US Government Resource] http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf

[Patch, Vendor Advisory] http://www.citect.com/index.php?option=com_content&view=article&id=1656&Itemid=1695

Scores

EPSS 0.5583

EPSS Percentile 98.1%

Details

CWE

CWE-119

Status published

Products (8)

schneider-electric/citecthistorian 4.20

schneider-electric/citecthistorian < 4.30

schneider-electric/citectscada_reports 4.0

schneider-electric/citectscada_reports < 4.10

schneider-electric/vijeo_historian 4.0

schneider-electric/vijeo_historian 4.10

schneider-electric/vijeo_historian 4.20

schneider-electric/vijeo_historian < 4.30

Published Dec 02, 2011

Tracked Since Feb 18, 2026