Vulnerable Systems:
* Schneider Electric IGSS 9 and prior
Schneider Electric Interactive Graphical SCADA System (IGSS) contains an overflow condition in DC.EXE. The issue is triggered as unspecified user-supplied input is not properly validated when parsing incoming packets. With a specially crafted request, a remote attacker can cause a buffer overflow, resulting in a denial of service or execution of arbitrary code.