Progea Movicon < 11.2 Build 1086 Multiple Vulnerabilities
Critical Nessus Network Monitor Plugin ID 7142
SynopsisA vulnerable version of Progea Movicon has been detected.
DescriptionThe detected version of Progea Movicon is affected by multiple vulnerabilities:
- There is a remote heap-based buffer overflow vulnerability related to erroneous parsing of the Content-Length HTTP request header. (CVE-2011-3491)
- A remote heap-based buffer overflow vulnerability exists related to HTTP requests. (CVE-2011-3498)
- A remote denial of service vulnerability exists related to an EIDP packet with too large of a size field. The specially crafted EIDP packet will cause the application to crash, and there is the possibility of arbitrary code execution. (CVE-2011-3499)
SolutionUpgrade to Progea Movicon 11.2 Build 1086 or later.