VDB
CVE-2008-4322
CVE-2008-4322
PUBLISHED
KEV
CVSS 10 CRITICAL
Stack-based buffer overflow in RealFlex Technologies Ltd. RealWin Server 2.0, as distributed by DATAC, allows remote attackers to execute arbitrary code via a crafted FC_INFOTAG/SET_CONTROL packet.
EPSS 74.19% · 98.9th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
74.19%
98.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| realflex_technologies_ltd | realwin_server | 2.0 |
Timeline
- Sep 26, 2008 CVE Published
- Sep 26, 2008 PoC Published
- May 9, 2010 PoC Published
- Dec 23, 2010 PoC Published
- May 29, 2018 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 30, 2023 EPSS Score
References
- realwin-scada-fcinfotagsetcontrol-bo(45465) vdb
- http://reversemode.com/index.php?option=com_content&task=view&id=55&Itemid=1 url
- 20080926 DATAC RealWin 2.0 SCADA Software - Remote PreaAuth Exploit mailing-list
- 32055 third-party-advisory
- 31418 vdb
- VU#976484 third-party-advisory
- ADV-2008-2694 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2008-4322 advisory