Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for communications_eagle by oracle

    CVE-2020-35198 (GCVE-0-2020-35198)

    Vulnerability from nvd – Published: 2021-05-12 10:55 – Updated: 2024-08-04 17:02
    VLAI
    Summary
    An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T17:02:06.842Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support2.windriver.com/index.php?page=security-notices"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-35198"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block\u0027s size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T23:22:42.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support2.windriver.com/index.php?page=security-notices"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-35198"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-35198",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block\u0027s size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support2.windriver.com/index.php?page=security-notices",
                  "refsource": "MISC",
                  "url": "https://support2.windriver.com/index.php?page=security-notices"
                },
                {
                  "name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-35198",
                  "refsource": "MISC",
                  "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-35198"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-35198",
        "datePublished": "2021-05-12T10:55:47.000Z",
        "dateReserved": "2020-12-12T00:00:00.000Z",
        "dateUpdated": "2024-08-04T17:02:06.842Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-28895 (GCVE-0-2020-28895)

    Vulnerability from nvd – Published: 2021-02-03 15:16 – Updated: 2024-08-04 16:41
    VLAI
    Title
    integer overflow in calloc
    Summary
    In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.
    CWE
    • n/a
    Assigner
    Date Public
    2020-12-14 00:00
    Credits
    Reported by Omri Ben Bassat <v-obenbassat@microsoft.com>
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T16:41:00.095Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=V7LIBC-1327"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-28895"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Reported by Omri Ben Bassat \u003cv-obenbassat@microsoft.com\u003e"
            }
          ],
          "datePublic": "2020-12-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block\u0027s size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T23:22:39.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=V7LIBC-1327"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-28895"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "integer overflow in calloc",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-28895",
              "STATE": "PUBLIC",
              "TITLE": "integer overflow in calloc"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Reported by Omri Ben Bassat \u003cv-obenbassat@microsoft.com\u003e"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block\u0027s size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=V7LIBC-1327",
                  "refsource": "MISC",
                  "url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=V7LIBC-1327"
                },
                {
                  "name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-28895",
                  "refsource": "MISC",
                  "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-28895"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-28895",
        "datePublished": "2021-02-03T15:16:34.000Z",
        "dateReserved": "2020-11-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T16:41:00.095Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-12261 (GCVE-0-2019-12261)

    Vulnerability from nvd – Published: 2019-08-09 20:27 – Updated: 2024-08-04 23:17
    VLAI
    Summary
    Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T23:17:38.872Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support2.windriver.com/index.php?page=security-notices"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K41190253"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12261"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-20T21:14:56.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support2.windriver.com/index.php?page=security-notices"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K41190253"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12261"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-12261",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
                },
                {
                  "name": "https://support2.windriver.com/index.php?page=security-notices",
                  "refsource": "MISC",
                  "url": "https://support2.windriver.com/index.php?page=security-notices"
                },
                {
                  "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009",
                  "refsource": "CONFIRM",
                  "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
                },
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20190802-0001/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
                },
                {
                  "name": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/",
                  "refsource": "CONFIRM",
                  "url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
                },
                {
                  "name": "https://support.f5.com/csp/article/K41190253",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K41190253"
                },
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
                },
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
                },
                {
                  "name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12261",
                  "refsource": "MISC",
                  "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12261"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-12261",
        "datePublished": "2019-08-09T20:27:25.000Z",
        "dateReserved": "2019-05-21T00:00:00.000Z",
        "dateUpdated": "2024-08-04T23:17:38.872Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-12260 (GCVE-0-2019-12260)

    Vulnerability from nvd – Published: 2019-08-09 20:18 – Updated: 2024-08-04 23:17
    VLAI
    Summary
    Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T23:17:39.851Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support2.windriver.com/index.php?page=security-notices"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12260"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K41190253"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-07-20T22:53:28.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support2.windriver.com/index.php?page=security-notices"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12260"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K41190253"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-12260",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
                },
                {
                  "name": "https://support2.windriver.com/index.php?page=security-notices",
                  "refsource": "MISC",
                  "url": "https://support2.windriver.com/index.php?page=security-notices"
                },
                {
                  "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009",
                  "refsource": "CONFIRM",
                  "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
                },
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20190802-0001/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
                },
                {
                  "name": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/",
                  "refsource": "CONFIRM",
                  "url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
                },
                {
                  "name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12260",
                  "refsource": "MISC",
                  "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12260"
                },
                {
                  "name": "https://support.f5.com/csp/article/K41190253",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K41190253"
                },
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
                },
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
                },
                {
                  "name": "https://www.oracle.com//security-alerts/cpujul2021.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-12260",
        "datePublished": "2019-08-09T20:18:30.000Z",
        "dateReserved": "2019-05-21T00:00:00.000Z",
        "dateUpdated": "2024-08-04T23:17:39.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-35198 (GCVE-0-2020-35198)

    Vulnerability from cvelistv5 – Published: 2021-05-12 10:55 – Updated: 2024-08-04 17:02
    VLAI
    Summary
    An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T17:02:06.842Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support2.windriver.com/index.php?page=security-notices"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-35198"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block\u0027s size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T23:22:42.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support2.windriver.com/index.php?page=security-notices"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-35198"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-35198",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block\u0027s size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support2.windriver.com/index.php?page=security-notices",
                  "refsource": "MISC",
                  "url": "https://support2.windriver.com/index.php?page=security-notices"
                },
                {
                  "name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-35198",
                  "refsource": "MISC",
                  "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-35198"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-35198",
        "datePublished": "2021-05-12T10:55:47.000Z",
        "dateReserved": "2020-12-12T00:00:00.000Z",
        "dateUpdated": "2024-08-04T17:02:06.842Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-28895 (GCVE-0-2020-28895)

    Vulnerability from cvelistv5 – Published: 2021-02-03 15:16 – Updated: 2024-08-04 16:41
    VLAI
    Title
    integer overflow in calloc
    Summary
    In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.
    CWE
    • n/a
    Assigner
    Date Public
    2020-12-14 00:00
    Credits
    Reported by Omri Ben Bassat <v-obenbassat@microsoft.com>
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T16:41:00.095Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=V7LIBC-1327"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-28895"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Reported by Omri Ben Bassat \u003cv-obenbassat@microsoft.com\u003e"
            }
          ],
          "datePublic": "2020-12-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block\u0027s size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T23:22:39.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=V7LIBC-1327"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-28895"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "integer overflow in calloc",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-28895",
              "STATE": "PUBLIC",
              "TITLE": "integer overflow in calloc"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Reported by Omri Ben Bassat \u003cv-obenbassat@microsoft.com\u003e"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block\u0027s size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=V7LIBC-1327",
                  "refsource": "MISC",
                  "url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=V7LIBC-1327"
                },
                {
                  "name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-28895",
                  "refsource": "MISC",
                  "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-28895"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-28895",
        "datePublished": "2021-02-03T15:16:34.000Z",
        "dateReserved": "2020-11-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T16:41:00.095Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-12261 (GCVE-0-2019-12261)

    Vulnerability from cvelistv5 – Published: 2019-08-09 20:27 – Updated: 2024-08-04 23:17
    VLAI
    Summary
    Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T23:17:38.872Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support2.windriver.com/index.php?page=security-notices"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K41190253"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12261"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-20T21:14:56.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support2.windriver.com/index.php?page=security-notices"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K41190253"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12261"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-12261",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
                },
                {
                  "name": "https://support2.windriver.com/index.php?page=security-notices",
                  "refsource": "MISC",
                  "url": "https://support2.windriver.com/index.php?page=security-notices"
                },
                {
                  "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009",
                  "refsource": "CONFIRM",
                  "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
                },
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20190802-0001/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
                },
                {
                  "name": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/",
                  "refsource": "CONFIRM",
                  "url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
                },
                {
                  "name": "https://support.f5.com/csp/article/K41190253",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K41190253"
                },
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
                },
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
                },
                {
                  "name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12261",
                  "refsource": "MISC",
                  "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12261"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-12261",
        "datePublished": "2019-08-09T20:27:25.000Z",
        "dateReserved": "2019-05-21T00:00:00.000Z",
        "dateUpdated": "2024-08-04T23:17:38.872Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-12260 (GCVE-0-2019-12260)

    Vulnerability from cvelistv5 – Published: 2019-08-09 20:18 – Updated: 2024-08-04 23:17
    VLAI
    Summary
    Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T23:17:39.851Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support2.windriver.com/index.php?page=security-notices"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12260"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.f5.com/csp/article/K41190253"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-07-20T22:53:28.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support2.windriver.com/index.php?page=security-notices"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12260"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.f5.com/csp/article/K41190253"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-12260",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
                },
                {
                  "name": "https://support2.windriver.com/index.php?page=security-notices",
                  "refsource": "MISC",
                  "url": "https://support2.windriver.com/index.php?page=security-notices"
                },
                {
                  "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009",
                  "refsource": "CONFIRM",
                  "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0009"
                },
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632562.pdf"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20190802-0001/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20190802-0001/"
                },
                {
                  "name": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/",
                  "refsource": "CONFIRM",
                  "url": "https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/"
                },
                {
                  "name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12260",
                  "refsource": "MISC",
                  "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-12260"
                },
                {
                  "name": "https://support.f5.com/csp/article/K41190253",
                  "refsource": "CONFIRM",
                  "url": "https://support.f5.com/csp/article/K41190253"
                },
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf"
                },
                {
                  "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf",
                  "refsource": "CONFIRM",
                  "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf"
                },
                {
                  "name": "https://www.oracle.com//security-alerts/cpujul2021.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-12260",
        "datePublished": "2019-08-09T20:18:30.000Z",
        "dateReserved": "2019-05-21T00:00:00.000Z",
        "dateUpdated": "2024-08-04T23:17:39.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }