2.0.1

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

atvise

exploit available

NVD

Published: 2012-04-13

Updated: 2012-04-13

Summary

The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly check return values from functions, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted HTTP request. Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'

Vulnerable Configurations

Part	Description	Count
Application	Atvise Atvise Webmi2Ads 1.0 Atvise Webmi2Ads 2.0 Atvise Webmi2Ads 2.0.1	3

Exploit-Db

description	atvise webMI2ADS Web Server <= 1.0 - Multiple Vulnerabilities. CVE-2011-4880,CVE-2011-4881,CVE-2011-4882,CVE-2011-4883. Dos exploit for windows platform
id	EDB-ID:17963
last seen	2016-02-02
modified	2011-10-10
published	2011-10-10
reporter	Luigi Auriemma
source	https://www.exploit-db.com/download/17963/
title	atvise webMI2ADS Web Server <= 1.0 - Multiple Vulnerabilities

References

http://www.us-cert.gov/control_systems/pdf/ICSA-12-102-01.pdf