Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2011-07-29 CVE-2011-2962 Buffer Errors vulnerability in Invensys Wonderware Information Server 3.1/4.0
Multiple stack-based buffer overflows in Invensys Wonderware Information Server 3.1, 4.0, and 4.0 SP1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via two unspecified ActiveX controls.
network, invensys, CWE-119
RISK: critical 9.3

2011-07-29 CVE-2011-2961 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sunwayland Pnetpower
Heap-based buffer overflow in AngelServer.exe 6.0.11.3 in Sunway pNetPower allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDP packet.
network, low complexity, sunwayland, CWE-119
RISK: critical 10.0

2011-07-29 CVE-2011-2960 Buffer Errors vulnerability in Sunwayland Forcecontrol 6.1
Heap-based buffer overflow in httpsvr.exe 6.0.5.3 in Sunway ForceControl 6.1 SP1, SP2, and SP3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted URL.
network, low complexity, sunwayland, CWE-119
RISK: critical 10.0

2011-07-29 CVE-2011-2959 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in 7T Igss
Stack-based buffer overflow in the Open Database Connectivity (ODBC) service (Odbcixv9se.exe) in 7-Technologies Interactive Graphical SCADA System (IGSS) 9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to TCP port 22202.
network, low complexity, 7t, CWE-119
RISK: critical 10.0

2011-07-28 CVE-2011-2549 Denial of Service vulnerability in Cisco ASR 9006 Router, ASR 9010 Router and IOS XR
Unspecified vulnerability in Cisco IOS XR 4.1.x before 4.1.1 on Cisco Aggregation Services Routers (ASR) 9000 series devices allows remote attackers to cause a denial of service (line-card reload) via an IPv4 packet, aka Bug ID CSCtr26695.
network, low complexity, cisco
RISK: 7.8

2011-07-28 CVE-2011-2547 Permissions, Privileges, and Access Controls vulnerability in Cisco products
The web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote authenticated users to execute arbitrary commands via crafted parameters to web forms, aka Bug ID CSCtq65681.
network, low complexity, cisco, CWE-264
RISK: critical 9.0

2011-07-28 CVE-2011-2546 SQL Injection vulnerability in Cisco products
SQL injection vulnerability in the web-based management interface on Cisco SA 500 series security appliances with software before 2.1.19 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCtq65669.
network, low complexity, cisco, CWE-89
RISK: 5.0

2011-07-28 CVE-2011-2958 Cross-Site Scripting vulnerability in Ecava Integraxor
Multiple cross-site scripting (XSS) vulnerabilities in Ecava IntegraXor before 3.60 (Build 4080) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network, ecava, CWE-79
RISK: 4.3

2011-07-28 CVE-2011-2957 Remote Code Execution vulnerability in Rockwellautomation Factorytalk Diagnostics Viewer 2.10/2.10.01
Unspecified vulnerability in Rockwell Automation FactoryTalk Diagnostics Viewer before V2.30.00 (CPR9 SR3) allows local users to execute arbitrary code via a crafted FactoryTalk Diagnostics Viewer (.ftd) configuration file, which triggers memory corruption.
RISK: 6.9

2011-07-28 CVE-2011-2956 Improper Authentication vulnerability in Azeotech Daqfactory
AzeoTech DAQFactory before 5.85 (Build 1842) does not perform authentication for certain signals, which allows remote attackers to cause a denial of service (system reboot or shutdown) via a signal.
network, low complexity, azeotech, CWE-287
RISK: 7.8