Unrated severityNVD Advisory· Published Jan 8, 2012· Updated Jun 16, 2026
CVE-2011-4870
CVE-2011-4870
Description
Multiple buffer overflows in the (1) GUIControls, (2) BatchObjSrv, and (3) BatchSecCtrl ActiveX controls in Invensys Wonderware InBatch 9.0 and 9.0 SP1, and InBatch 8.1 SP1, 9.0 SP2, and 9.5 Server and Runtime Clients, allow remote attackers to execute arbitrary code via a long string in a property value, a different issue than CVE-2011-3141.
Affected products
6cpe:2.3:a:invensys:wonderware_inbatch:8.1:sp1:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:invensys:wonderware_inbatch:8.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:invensys:wonderware_inbatch:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:invensys:wonderware_inbatch:9.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:invensys:wonderware_inbatch:9.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:invensys:wonderware_inbatch:9.5:*:*:*:*:*:*:*
- (no CPE)range: 9.0, 9.0 SP1, 8.1 SP1, 9.0 SP2, 9.5
Patches
Vulnerability mechanics
References
2- www.us-cert.gov/control_systems/pdf/ICSA-11-332-01A.pdfnvdUS Government Resource
- www.securityfocus.com/bid/51129nvd
News mentions
0No linked articles in our index yet.