CWE-121
Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CVE-2014-9189 (GCVE-0-2014-9189)
Vulnerability from cvelistv5 – Published: 2019-03-25 19:10 – Updated: 2024-08-06 13:40
Summary
Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.
Severity
No CVSS data available.
CWE
- CWE-121 - Stack-based buffer overflow CWE-121
References
1 reference
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-14-352-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version |
|---|---|---|
| Honeywell | Experion PKS | Affected: R40x prior to R400.6; R41x prior to R410.6; R43x prior to R430.2 |
Date Public
2014-12-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:40:23.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-352-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Experion PKS",
"vendor": "Honeywell",
"versions": [
{
"status": "affected",
"version": "R40x prior to R400.6"
},
{
"status": "affected",
"version": "R41x prior to R410.6"
},
{
"status": "affected",
"version": "R43x prior to R430.2"
}
]
}
],
"datePublic": "2014-12-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based buffer overflow CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-25T19:10:47.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-352-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-9189",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Experion PKS",
"version": {
"version_data": [
{
"version_value": "R40x prior to R400.6"
},
{
"version_value": "R41x prior to R410.6"
},
{
"version_value": "R43x prior to R430.2"
}
]
}
}
]
},
"vendor_name": "Honeywell"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based buffer overflow CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-352-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-352-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2014-9189",
"datePublished": "2019-03-25T19:10:47.000Z",
"dateReserved": "2014-12-02T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:40:23.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9190 (GCVE-0-2014-9190)
Vulnerability from cvelistv5 – Published: 2015-01-10 02:00 – Updated: 2025-07-24 22:42
Title
Schneider Electric Wonderware InTouch Access Anywhere Server Buffer Overflow
Summary
Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not exist.
Severity
No CVSS data available.
References
2 references
| URL | Tags |
|---|---|
| https://wdnresource.wonderware.com/support/docs/_… | x_refsource_CONFIRM |
| https://www.cisa.gov/news-events/ics-advisories/i… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version |
|---|---|---|
| Schneider Electric | InTouch Access Anywhere Server | Affected: 10.6; 11.0 |
Date Public
2015-01-08 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:40:24.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000104.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-008-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "InTouch Access Anywhere Server",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "10.6"
},
{
"status": "affected",
"version": "11.0"
}
]
}
],
"datePublic": "2015-01-08T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eStack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not exist.\u003c/p\u003e"
}
],
"value": "Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not exist."
}
],
"metrics": [
{
"cvssV2_0": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-24T22:42:57.203Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000104.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-008-02"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSchneider Electric has released a security update that mitigates the \nstack-based buffer overflow vulnerability in Wonderware\u2019s InTouch Access\n Anywhere Server product, Versions 10.6 and 11.0. Schneider Electric\u2019s \nsecurity updates for Version 10.6 and Version 11.0 are available at the \nfollowing location with a user account:\u003c/p\u003e\n\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://wdnresource.wonderware.com/tracking/confirmdownload.aspx?id=3001\u0026amp;url=https://wdnresource.wonderware.com/support/patchfixes/1/WW-ITAA2014P01-LFSEC104.zip\u0026amp;rme=https://wdnresource.wonderware.com/support/patchfixes/1/WW-ITAA2014P01-LFSEC104.txt\"\u003ehttps://wdnresource.wonderware.com/tracking/confirmdownload.aspx?id=3001\u0026amp;url=https://wdnresource...\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eSchneider Electric has released a security bulletin titled \u201cInTouch \nAccess Anywhere Server Security Vulnerability, LFSEC00000104\u201d to \nannounce the security update, which is available at the following \nlocation:\u003c/p\u003e\n\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://gcsresource.invensys.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000104.pdf\"\u003ehttps://gcsresource.invensys.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000104.pdf\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Schneider Electric has released a security update that mitigates the \nstack-based buffer overflow vulnerability in Wonderware\u2019s InTouch Access\n Anywhere Server product, Versions 10.6 and 11.0. Schneider Electric\u2019s \nsecurity updates for Version 10.6 and Version 11.0 are available at the \nfollowing location with a user account:\n\n\n https://wdnresource.wonderware.com/tracking/confirmdownload.aspx?id=3001\u0026url=https://wdnresource... https://wdnresource.wonderware.com/tracking/confirmdownload.aspx \n\n\nSchneider Electric has released a security bulletin titled \u201cInTouch \nAccess Anywhere Server Security Vulnerability, LFSEC00000104\u201d to \nannounce the security update, which is available at the following \nlocation:\n\n\n https://gcsresource.invensys.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000104.pdf"
}
],
"source": {
"advisory": "ICSA-15-008-02",
"discovery": "INTERNAL"
},
"title": "Schneider Electric Wonderware InTouch Access Anywhere Server Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-9190",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not exist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000104.pdf",
"refsource": "CONFIRM",
"url": "https://wdnresource.wonderware.com/support/docs/_SecurityBulletins/Security_Bulletin_LFSEC00000104.pdf"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-008-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-008-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2014-9190",
"datePublished": "2015-01-10T02:00:00.000Z",
"dateReserved": "2014-12-02T00:00:00.000Z",
"dateUpdated": "2025-07-24T22:42:57.203Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9200 (GCVE-0-2014-9200)
Vulnerability from cvelistv5 – Published: 2015-02-01 15:00 – Updated: 2025-09-05 21:34
Title
Schneider Electric Device Type Managers (DTMs) Stack-based Buffer Overflow
Summary
Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X80 Gateway DTM (MB TCP/SL), Advantys DTM for OTB, Advantys DTM for STB, KINOS DTM, SOLO DTM, and Xantrex DTMs allows remote attackers to execute arbitrary code via unspecified vectors.
Severity
No CVSS data available.
References
3 references
| URL | Tags |
|---|---|
| https://download.schneider-electric.com/files?p_D… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/72335 | vdb-entry, x_refsource_BID |
| https://www.cisa.gov/news-events/ics-advisories/i… | |
Impacted products
12 products
| Vendor | Product | Version |
|---|---|---|
| Schneider Electric | Unity Pro | Affected: all versions |
| Schneider Electric | SoMachine | Affected: all versions |
| Schneider Electric | SoMove | Affected: all versions |
| Schneider Electric | SoMove Lite | Affected: all versions |
| Schneider Electric | Modbus Communication Library | Affected: 0, ≤ Version 2.2.6 (custom) |
| Schneider Electric | CANopen Communication Library | Affected: 0, ≤ Version 1.0.2 (custom) |
| Schneider Electric | EtherNet/IP Communication Library | Affected: 0, ≤ Version 1.0.0 (custom) |
| Schneider Electric | EM X80 Gateway DTM (MB TCP/SL) | Affected: all versions |
| Schneider Electric | Advantys DTMs (OTB, STB) | Affected: all versions |
| Schneider Electric | KINOS DTM | Affected: all versions |
| Schneider Electric | SOLO DTM | Affected: all versions |
| Schneider Electric | Xantrex DTM | Affected: all versions |
Date Public
2015-01-27 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:40:24.488Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-009-01"
},
{
"name": "72335",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/72335"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-027-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Unity Pro",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SoMachine",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SoMove",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SoMove Lite",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Modbus Communication Library",
"vendor": "Schneider Electric",
"versions": [
{
"lessThanOrEqual": "Version 2.2.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CANopen Communication Library",
"vendor": "Schneider Electric",
"versions": [
{
"lessThanOrEqual": "Version 1.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EtherNet/IP Communication Library",
"vendor": "Schneider Electric",
"versions": [
{
"lessThanOrEqual": "Version 1.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EM X80 Gateway DTM (MB TCP/SL)",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Advantys DTMs (OTB, STB)",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "KINOS DTM",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SOLO DTM",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Xantrex DTM",
"vendor": "Schneider Electric",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ariele Caltabiano (kimiya) with HP\u2019s Zero Day Initiative (ZDI)"
}
],
"datePublic": "2015-01-27T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eStack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X80 Gateway DTM (MB TCP/SL), Advantys DTM for OTB, Advantys DTM for STB, KINOS DTM, SOLO DTM, and Xantrex DTMs allows remote attackers to execute arbitrary code via unspecified vectors.\u003c/p\u003e"
}
],
"value": "Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X80 Gateway DTM (MB TCP/SL), Advantys DTM for OTB, Advantys DTM for STB, KINOS DTM, SOLO DTM, and Xantrex DTMs allows remote attackers to execute arbitrary code via unspecified vectors."
}
],
"metrics": [
{
"cvssV2_0": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T21:34:15.852Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-009-01"
},
{
"name": "72335",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/72335"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-027-02"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSchneider Electric has released a patch that resolves the \nvulnerability by removing the vulnerable DLL. Schneider Electric\u2019s patch\n is available at the follow location:\u003c/p\u003e\n\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://download.schneider-electric.com/files?p_Doc_Ref=FDT1\"\u003ehttp://download.schneider-electric.com/files?p_Doc_Ref=FDT1\u003c/a\u003e DLL Removal Kit.\u003c/p\u003e\n\u003cp\u003eSchneider Electric\u2019s security notice SEVD-2015-009-01 is available at the following location:\u003c/p\u003e\n\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-009-01\"\u003ehttp://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-009-01\u003c/a\u003e\u003c/p\u003e.\n\n\u003cbr\u003e"
}
],
"value": "Schneider Electric has released a patch that resolves the \nvulnerability by removing the vulnerable DLL. Schneider Electric\u2019s patch\n is available at the follow location:\n\n\n http://download.schneider-electric.com/files?p_Doc_Ref=FDT1 DLL Removal Kit.\n\n\nSchneider Electric\u2019s security notice SEVD-2015-009-01 is available at the following location:\n\n\n http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-009-01 \n\n."
}
],
"source": {
"advisory": "ICSA-15-027-02",
"discovery": "UNKNOWN"
},
"title": "Schneider Electric Device Type Managers (DTMs) Stack-based Buffer Overflow",
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-9200",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM X80 Gateway DTM (MB TCP/SL), Advantys DTM for OTB, Advantys DTM for STB, KINOS DTM, SOLO DTM, and Xantrex DTMs allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-009-01",
"refsource": "CONFIRM",
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-009-01"
},
{
"name": "72335",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72335"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-027-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-027-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2014-9200",
"datePublished": "2015-02-01T15:00:00.000Z",
"dateReserved": "2014-12-02T00:00:00.000Z",
"dateUpdated": "2025-09-05T21:34:15.852Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1006 (GCVE-0-2015-1006)
Vulnerability from cvelistv5 – Published: 2019-05-10 13:47 – Updated: 2024-08-06 04:26
Summary
A vulnerable file in Opto 22 PAC Project Professional versions prior to R9.4006, PAC Project Basic versions prior to R9.4006, PAC Display Basic versions prior to R9.4f, PAC Display Professional versions prior to R9.4f, OptoOPCServer versions prior to R9.4c, and OptoDataLink version R9.4d and prior versions that were installed by PAC Project installer, versions prior to R9.4006, is susceptible to a heap-based buffer overflow condition that may allow remote code execution on the target system. Opto 22 suggests upgrading to the new product version as soon as possible.
Severity
No CVSS data available.
CWE
- CWE-121 - Heap-based buffer overflow CWE-121
References
1 reference
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-15-120-01 | x_refsource_MISC |
Impacted products
6 products
| Vendor | Product | Version |
|---|---|---|
| Opto 22 | PAC Project Professional | Affected: < R9.4006 |
| Opto 22 | PAC Project Basic | Affected: < R9.4006 |
| Opto 22 | PAC Display Basic | Affected: < R9.4f |
| Opto 22 | PAC Display Professional | Affected: < R9.4f |
| Opto 22 | OptoOPCServer | Affected: < R9.4c |
| Opto 22 | OptoDataLink | Affected: R9.4d and prior that were installed by PAC Project installer; versions prior to R9.4006 |
Date Public
2015-04-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.549Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-120-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAC Project Professional",
"vendor": "Opto 22",
"versions": [
{
"status": "affected",
"version": "\u003c R9.4006"
}
]
},
{
"product": "PAC Project Basic",
"vendor": "Opto 22",
"versions": [
{
"status": "affected",
"version": "\u003c R9.4006"
}
]
},
{
"product": "PAC Display Basic",
"vendor": "Opto 22",
"versions": [
{
"status": "affected",
"version": "\u003c R9.4f"
}
]
},
{
"product": "PAC Display Professional",
"vendor": "Opto 22",
"versions": [
{
"status": "affected",
"version": "\u003c R9.4f"
}
]
},
{
"product": "OptoOPCServer",
"vendor": "Opto 22",
"versions": [
{
"status": "affected",
"version": "\u003c R9.4c"
}
]
},
{
"product": "OptoDataLink",
"vendor": "Opto 22",
"versions": [
{
"status": "affected",
"version": "R9.4d and prior that were installed by PAC Project installer"
},
{
"status": "affected",
"version": "versions prior to R9.4006"
}
]
}
],
"datePublic": "2015-04-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerable file in Opto 22 PAC Project Professional versions prior to R9.4006, PAC Project Basic versions prior to R9.4006, PAC Display Basic versions prior to R9.4f, PAC Display Professional versions prior to R9.4f, OptoOPCServer versions prior to R9.4c, and OptoDataLink version R9.4d and prior versions that were installed by PAC Project installer, versions prior to R9.4006, is susceptible to a heap-based buffer overflow condition that may allow remote code execution on the target system. Opto 22 suggests upgrading to the new product version as soon as possible."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Heap-based buffer overflow CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-10T13:47:26.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-120-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-1006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAC Project Professional",
"version": {
"version_data": [
{
"version_value": "\u003c R9.4006"
}
]
}
},
{
"product_name": "PAC Project Basic",
"version": {
"version_data": [
{
"version_value": "\u003c R9.4006"
}
]
}
},
{
"product_name": "PAC Display Basic",
"version": {
"version_data": [
{
"version_value": "\u003c R9.4f"
}
]
}
},
{
"product_name": "PAC Display Professional",
"version": {
"version_data": [
{
"version_value": "\u003c R9.4f"
}
]
}
},
{
"product_name": "OptoOPCServer",
"version": {
"version_data": [
{
"version_value": "\u003c R9.4c"
}
]
}
},
{
"product_name": "OptoDataLink",
"version": {
"version_data": [
{
"version_value": "R9.4d and prior that were installed by PAC Project installer"
},
{
"version_value": "versions prior to R9.4006"
}
]
}
}
]
},
"vendor_name": "Opto 22"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerable file in Opto 22 PAC Project Professional versions prior to R9.4006, PAC Project Basic versions prior to R9.4006, PAC Display Basic versions prior to R9.4f, PAC Display Professional versions prior to R9.4f, OptoOPCServer versions prior to R9.4c, and OptoDataLink version R9.4d and prior versions that were installed by PAC Project installer, versions prior to R9.4006, is susceptible to a heap-based buffer overflow condition that may allow remote code execution on the target system. Opto 22 suggests upgrading to the new product version as soon as possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based buffer overflow CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-120-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-120-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2015-1006",
"datePublished": "2019-05-10T13:47:27.000Z",
"dateReserved": "2015-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:26:11.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1007 (GCVE-0-2015-1007)
Vulnerability from cvelistv5 – Published: 2019-03-25 18:38 – Updated: 2024-08-06 04:26
Summary
A specially crafted configuration file could be used to cause a stack-based buffer overflow condition in the OPCTest.exe, which may allow remote code execution on Opto 22 PAC Project Professional versions prior to R9.4008, PAC Project Basic versions prior to R9.4008, PAC Display Basic versions prior to R9.4g, PAC Display Professional versions prior to R9.4g, OptoOPCServer version R9.4c and prior that were installed by PAC Project installer, versions prior to R9.4008, and OptoDataLink version R9.4d and prior that were installed by PAC Project installer, versions prior to R9.4008. Opto 22 suggests upgrading to the new product version as soon as possible.
Severity
No CVSS data available.
CWE
- CWE-121 - Stack-based buffer overflow CWE-121
References
1 reference
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-15-120-01 | x_refsource_MISC |
Impacted products
6 products
| Vendor | Product | Version |
|---|---|---|
| Opto 22 | PAC Project Professional | Affected: < R9.4008 |
| Opto 22 | PAC Project Basic | Affected: < R9.4008 |
| Opto 22 | PAC Display Basic | Affected: < R9.4g |
| Opto 22 | PAC Display Professional | Affected: < R9.4g |
| Opto 22 | OptoOPCServer | Affected: R9.4c and prior that were installed by PAC Project installer versions prior to R9.4008 |
| Opto 22 | OptoDataLink | Affected: R9.4d and prior that were installed by PAC Project installer versions prior to R9.4008 |
Date Public
2015-04-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-120-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAC Project Professional",
"vendor": "Opto 22",
"versions": [
{
"status": "affected",
"version": "\u003c R9.4008"
}
]
},
{
"product": "PAC Project Basic",
"vendor": "Opto 22",
"versions": [
{
"status": "affected",
"version": "\u003c R9.4008"
}
]
},
{
"product": "PAC Display Basic",
"vendor": "Opto 22",
"versions": [
{
"status": "affected",
"version": "\u003c R9.4g"
}
]
},
{
"product": "PAC Display Professional",
"vendor": "Opto 22",
"versions": [
{
"status": "affected",
"version": "\u003c R9.4g"
}
]
},
{
"product": "OptoOPCServer",
"vendor": "Opto 22",
"versions": [
{
"status": "affected",
"version": "R9.4c and prior that were installed by PAC Project installer versions prior to R9.4008"
}
]
},
{
"product": "OptoDataLink",
"vendor": "Opto 22",
"versions": [
{
"status": "affected",
"version": "R9.4d and prior that were installed by PAC Project installer versions prior to R9.4008"
}
]
}
],
"datePublic": "2015-04-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A specially crafted configuration file could be used to cause a stack-based buffer overflow condition in the OPCTest.exe, which may allow remote code execution on Opto 22 PAC Project Professional versions prior to R9.4008, PAC Project Basic versions prior to R9.4008, PAC Display Basic versions prior to R9.4g, PAC Display Professional versions prior to R9.4g, OptoOPCServer version R9.4c and prior that were installed by PAC Project installer, versions prior to R9.4008, and OptoDataLink version R9.4d and prior that were installed by PAC Project installer, versions prior to R9.4008. Opto 22 suggests upgrading to the new product version as soon as possible."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based buffer overflow CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-25T18:38:25.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-120-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-1007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAC Project Professional",
"version": {
"version_data": [
{
"version_value": "\u003c R9.4008"
}
]
}
},
{
"product_name": "PAC Project Basic",
"version": {
"version_data": [
{
"version_value": "\u003c R9.4008"
}
]
}
},
{
"product_name": "PAC Display Basic",
"version": {
"version_data": [
{
"version_value": "\u003c R9.4g"
}
]
}
},
{
"product_name": "PAC Display Professional",
"version": {
"version_data": [
{
"version_value": "\u003c R9.4g"
}
]
}
},
{
"product_name": "OptoOPCServer",
"version": {
"version_data": [
{
"version_value": "R9.4c and prior that were installed by PAC Project installer versions prior to R9.4008"
}
]
}
},
{
"product_name": "OptoDataLink",
"version": {
"version_data": [
{
"version_value": "R9.4d and prior that were installed by PAC Project installer versions prior to R9.4008"
}
]
}
}
]
},
"vendor_name": "Opto 22"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A specially crafted configuration file could be used to cause a stack-based buffer overflow condition in the OPCTest.exe, which may allow remote code execution on Opto 22 PAC Project Professional versions prior to R9.4008, PAC Project Basic versions prior to R9.4008, PAC Display Basic versions prior to R9.4g, PAC Display Professional versions prior to R9.4g, OptoOPCServer version R9.4c and prior that were installed by PAC Project installer, versions prior to R9.4008, and OptoDataLink version R9.4d and prior that were installed by PAC Project installer, versions prior to R9.4008. Opto 22 suggests upgrading to the new product version as soon as possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based buffer overflow CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-120-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-120-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2015-1007",
"datePublished": "2019-03-25T18:38:25.000Z",
"dateReserved": "2015-01-10T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:26:11.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5800 (GCVE-0-2016-5800)
Vulnerability from cvelistv5 – Published: 2019-03-21 13:56 – Updated: 2024-08-06 01:15
Summary
A malicious attacker can trigger a remote buffer overflow in the Communication Server in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0.
Severity
No CVSS data available.
CWE
- CWE-121 - Buffer overflow CWE-121
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-16-287-06 | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version |
|---|---|---|
| Fatek | Automation PM Designer V3 | Affected: 2.1.2.2 |
| Fatek | Automation FV Designer | Affected: 1.2.8.0 |
Date Public
2016-10-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:10.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Automation PM Designer V3",
"vendor": "Fatek",
"versions": [
{
"status": "affected",
"version": "2.1.2.2"
}
]
},
{
"product": "Automation FV Designer",
"vendor": "Fatek",
"versions": [
{
"status": "affected",
"version": "1.2.8.0"
}
]
}
],
"datePublic": "2016-10-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A malicious attacker can trigger a remote buffer overflow in the Communication Server in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Buffer overflow CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-21T13:56:42.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-5800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Automation PM Designer V3",
"version": {
"version_data": [
{
"version_value": "2.1.2.2"
}
]
}
}
]
},
"vendor_name": "Fatek"
},
{
"product": {
"product_data": [
{
"product_name": "Automation FV Designer",
"version": {
"version_data": [
{
"version_value": "1.2.8.0"
}
]
}
}
]
},
"vendor_name": "Fatek"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A malicious attacker can trigger a remote buffer overflow in the Communication Server in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-06",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-5800",
"datePublished": "2019-03-21T13:56:42.000Z",
"dateReserved": "2016-06-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:15:10.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6563 (GCVE-0-2016-6563)
Vulnerability from cvelistv5 – Published: 2018-07-13 20:00 – Updated: 2024-08-06 01:36
Title
D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action
Summary
Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L.
Severity
No CVSS data available.
CWE
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/40805/ | exploit, x_refsource_EXPLOIT-DB |
| https://www.kb.cert.org/vuls/id/677427 | third-party-advisory, x_refsource_CERT-VN |
| http://www.securityfocus.com/bid/94130 | vdb-entry, x_refsource_BID |
| http://seclists.org/fulldisclosure/2016/Nov/38 | mailing-list, x_refsource_FULLDISC |
Impacted products
Date Public
2016-11-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:36:28.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40805",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40805/"
},
{
"name": "VU#677427",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/677427"
},
{
"name": "94130",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94130"
},
{
"name": "20161107 [CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Nov/38"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DIR-823",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
},
{
"product": "DIR-822",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
},
{
"product": "DIR-818L(W)",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
},
{
"product": "DIR-895L",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
},
{
"product": "DIR-890L",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
},
{
"product": "DIR-885L",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
},
{
"product": "DIR-880L",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
},
{
"product": "DIR-868L",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
},
{
"product": "DIR-850L",
"vendor": "D-Link",
"versions": [
{
"status": "unknown",
"version": "N/A"
}
]
}
],
"datePublic": "2016-11-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "40805",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40805/"
},
{
"name": "VU#677427",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/677427"
},
{
"name": "94130",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94130"
},
{
"name": "20161107 [CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Nov/38"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-6563",
"STATE": "PUBLIC",
"TITLE": "D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DIR-823",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
},
{
"product_name": "DIR-822",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
},
{
"product_name": "DIR-818L(W)",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
},
{
"product_name": "DIR-895L",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
},
{
"product_name": "DIR-890L",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
},
{
"product_name": "DIR-885L",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
},
{
"product_name": "DIR-880L",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
},
{
"product_name": "DIR-868L",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
},
{
"product_name": "DIR-850L",
"version": {
"version_data": [
{
"affected": "?",
"version_affected": "?",
"version_value": "N/A"
}
]
}
}
]
},
"vendor_name": "D-Link"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40805",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40805/"
},
{
"name": "VU#677427",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/677427"
},
{
"name": "94130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94130"
},
{
"name": "20161107 [CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Nov/38"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2016-6563",
"datePublished": "2018-07-13T20:00:00.000Z",
"dateReserved": "2016-08-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:36:28.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12188 (GCVE-0-2017-12188)
Vulnerability from cvelistv5 – Published: 2017-10-11 15:00 – Updated: 2024-08-05 18:28
Summary
arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service (incorrect index during page walking, and host OS crash), aka an "MMU potential stack buffer overrun."
Severity
No CVSS data available.
CWE
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2018:0412 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:0395 | vendor-advisory, x_refsource_REDHAT |
| https://patchwork.kernel.org/patch/9996587/ | x_refsource_CONFIRM |
| https://patchwork.kernel.org/patch/9996579/ | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/101267 | vdb-entry, x_refsource_BID |
| https://bugzilla.redhat.com/show_bug.cgi?id=1500380 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version |
|---|---|---|
| n/a | Linux kernel | Affected: Linux kernel |
Date Public
2017-10-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:28:16.694Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:0412",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0412"
},
{
"name": "RHSA-2018:0395",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://patchwork.kernel.org/patch/9996587/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://patchwork.kernel.org/patch/9996579/"
},
{
"name": "101267",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101267"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500380"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Linux kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Linux kernel"
}
]
}
],
"datePublic": "2017-10-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service (incorrect index during page walking, and host OS crash), aka an \"MMU potential stack buffer overrun.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-07T10:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2018:0412",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0412"
},
{
"name": "RHSA-2018:0395",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://patchwork.kernel.org/patch/9996587/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://patchwork.kernel.org/patch/9996579/"
},
{
"name": "101267",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101267"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500380"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-12188",
"datePublished": "2017-10-11T15:00:00.000Z",
"dateReserved": "2017-08-01T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:28:16.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12194 (GCVE-0-2017-12194)
Vulnerability from cvelistv5 – Published: 2018-03-14 21:00 – Updated: 2024-08-05 18:28
Summary
A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbitrary code with permissions of the user running the client. spice-gtk versions through 0.34 are believed to be vulnerable.
Severity
No CVSS data available.
CWE
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://security.gentoo.org/glsa/201811-20 | vendor-advisory, x_refsource_GENTOO |
| https://usn.ubuntu.com/3659-1/ | vendor-advisory, x_refsource_UBUNTU |
| https://bugzilla.redhat.com/show_bug.cgi?id=1501200 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/103413 | vdb-entry, x_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version |
|---|---|---|
| freedesktop.org | spice-gtk | Affected: through 0.34 |
Date Public
2018-03-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:28:16.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201811-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201811-20"
},
{
"name": "USN-3659-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3659-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501200"
},
{
"name": "103413",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103413"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "spice-gtk",
"vendor": "freedesktop.org",
"versions": [
{
"status": "affected",
"version": "through 0.34"
}
]
}
],
"datePublic": "2018-03-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbitrary code with permissions of the user running the client. spice-gtk versions through 0.34 are believed to be vulnerable."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-27T10:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "GLSA-201811-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201811-20"
},
{
"name": "USN-3659-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3659-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501200"
},
{
"name": "103413",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103413"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-12194",
"datePublished": "2018-03-14T21:00:00.000Z",
"dateReserved": "2017-08-01T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:28:16.674Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12706 (GCVE-0-2017-12706)
Vulnerability from cvelistv5 – Published: 2017-08-30 18:00 – Updated: 2024-08-05 18:43
Summary
A stack-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process.
Severity
No CVSS data available.
CWE
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-17-241-02 | x_refsource_MISC |
| http://www.securityfocus.com/bid/100526 | vdb-entry, x_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version |
|---|---|---|
| n/a | Advantech WebAccess | Affected: Advantech WebAccess |
Date Public
2017-08-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:43:56.460Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-241-02"
},
{
"name": "100526",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100526"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Advantech WebAccess",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Advantech WebAccess"
}
]
}
],
"datePublic": "2017-08-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-241-02"
},
{
"name": "100526",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100526"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-12706",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Advantech WebAccess",
"version": {
"version_data": [
{
"version_value": "Advantech WebAccess"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stack-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-241-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-241-02"
},
{
"name": "100526",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100526"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-12706",
"datePublished": "2017-08-30T18:00:00.000Z",
"dateReserved": "2017-08-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:43:56.460Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation ID: MIT-10
Phases: Operation, Build and Compilation
Strategy: Environment Hardening
Description:
- Use automatic buffer overflow detection mechanisms that are offered by certain compilers or compiler extensions. Examples include: the Microsoft Visual Studio /GS flag, Fedora/Red Hat FORTIFY_SOURCE GCC flag, StackGuard, and ProPolice, which provide various mechanisms including canary-based detection and range/index checking.
- D3-SFCV (Stack Frame Canary Validation) from D3FEND [REF-1334] discusses canary-based detection in detail.
Mitigation
Phase: Architecture and Design
Description:
- Use an abstraction library to abstract away risky APIs. Not a complete solution.
Mitigation
Phase: Implementation
Description:
- Implement and perform bounds checking on input.
Mitigation
Phase: Implementation
Description:
- Do not use dangerous functions such as gets. Use safer, equivalent functions which check for boundary errors.
Mitigation ID: MIT-11
Phases: Operation, Build and Compilation
Strategy: Environment Hardening
Description:
- Run or compile the software using features or extensions that randomly arrange the positions of a program's executable and libraries in memory. Because this makes the addresses unpredictable, it can prevent an attacker from reliably jumping to exploitable code.
- Examples include Address Space Layout Randomization (ASLR) [REF-58] [REF-60] and Position-Independent Executables (PIE) [REF-64]. Imported modules may be similarly realigned if their default memory addresses conflict with other modules, in a process known as "rebasing" (for Windows) and "prelinking" (for Linux) [REF-1332] using randomly generated addresses. ASLR for libraries cannot be used in conjunction with prelink since it would require relocating the libraries at run-time, defeating the whole purpose of prelinking.
- For more information on these techniques see D3-SAOR (Segment Address Offset Randomization) from D3FEND [REF-1335].
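The two Implementation mitigations listed above (bounds checking on input, and replacing `gets` with a function that checks boundaries) can be sketched as follows. This is an added example, not code from the CWE entry or from any affected product; `FIELD_MAX`, the `user:password` record format and all function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 32   /* assumed size of each fixed on-stack field buffer */

enum status { OK = 0, ERR_TOO_LONG = -1, ERR_FORMAT = -2, ERR_IO = -3 };

/* Bounds check before the copy: src_len comes from the input and is
 * untrusted, so anything that does not fit (plus the NUL) is rejected. */
static enum status copy_field(char *dst, size_t dst_size,
                              const char *src, size_t src_len)
{
    if (dst_size == 0 || src_len >= dst_size)
        return ERR_TOO_LONG;
    memcpy(dst, src, src_len);
    dst[src_len] = '\0';
    return OK;
}

/* gets() replacement: fgets() is told the buffer size. An over-long line is
 * drained and reported, so its tail is never parsed as a separate line. */
static enum status read_line(FILE *in, char *dst, size_t dst_size)
{
    if (dst_size < 2 || fgets(dst, (int)dst_size, in) == NULL)
        return ERR_IO;
    size_t n = strlen(dst);
    if (n > 0 && dst[n - 1] == '\n') {
        dst[n - 1] = '\0';
        return OK;
    }
    int c = fgetc(in);
    if (c == EOF || c == '\n')      /* line filled the buffer exactly */
        return OK;
    while ((c = fgetc(in)) != EOF && c != '\n')
        ;                           /* discard the rest of the line */
    dst[0] = '\0';
    return ERR_TOO_LONG;
}

/* Hypothetical "user:password" record split into two stack buffers. */
static enum status parse_login(const char *line)
{
    char user[FIELD_MAX], pass[FIELD_MAX];
    const char *sep = strchr(line, ':');
    if (sep == NULL)
        return ERR_FORMAT;
    enum status s = copy_field(user, sizeof user, line, (size_t)(sep - line));
    if (s != OK)
        return s;
    return copy_field(pass, sizeof pass, sep + 1, strlen(sep + 1));
}

/* Run constructed text through the reader and parser via a temp file. */
static enum status process_text(const char *text)
{
    char line[2 * FIELD_MAX];
    FILE *f = tmpfile();
    if (f == NULL)
        return ERR_IO;
    fputs(text, f);
    rewind(f);
    enum status s = read_line(f, line, sizeof line);
    fclose(f);
    return s == OK ? parse_login(line) : s;
}

int main(void)
{
    /* Constructed sample inputs, not taken from any advisory. */
    printf("%d\n", process_text("operator:s3cret\n"));
    printf("%d\n", process_text("operator-name-that-is-far-longer-than-the-buffer:x\n"));
    return 0;
}
```

Rejecting oversized input outright, rather than truncating it, keeps a shortened credential or field from being processed as if it were the value the sender supplied.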
No CAPEC attack patterns related to this CWE.