CVE-2014-9192

Sažetak

Integer overflow in Trihedral Engineering VTScada (formerly VTS) 6.5 through 9.x before 9.1.20, 10.x before 10.2.22, and 11.x before 11.1.07 allows remote attackers to cause a denial of service (server crash) via a crafted request, which triggers a large memory allocation.

Reference

http://www.securityfocus.com/bid/71591
http://www.trihedral.com/help/#Op_Welcome/Wel_UpgradeNotes.htm
https://www.cisa.gov/news-events/ics-advisories/icsa-14-343-02
http://www.securityfocus.com/bid/71591
https://ics-cert.us-cert.gov//advisories/ICSA-14-343-02

CVSS

Base:	7.8
Impact:	6.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

25-07-2025 - 17:15

Objavljeno

11-12-2014 - 15:59