Description
Stack-based buffer overflow in CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 allows remote attackers to execute arbitrary code via a crafted 0x15 (aka Remove File) operation for a file with a long name.
References (3)
Core 3
Core References
US Government Resource x_refsource_misc
http://www.us-cert.gov/control_systems/pdf/ICSA-11-319-01.pdf
Patch x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-11-329/
Patch x_refsource_confirm
http://www.indusoft.com/hotfixes/hotfixes.php
Scores
EPSS
0.0594
EPSS Percentile
92.4%
Details
CWE
CWE-119
Status
published
Products (2)
indusoft/web_studio
6.1
indusoft/web_studio
7.0
Published
Dec 05, 2011
Tracked Since
Feb 18, 2026