CVE-2015-0986

Опубликовано: 26 мая 2015

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple stack-based buffer overflows in Moxa VPort ActiveX SDK Plus before 2.8 allow remote attackers to insert assembly-code lines via vectors involving a regkey (1) set or (2) get command.

Ссылки

http://www.moxa.com/support/download.aspx?d_id=2114
Patch
http://www.securityfocus.com/bid/73960
http://www.zerodayinitiative.com/advisories/ZDI-15-392
https://ics-cert.us-cert.gov/advisories/ICSA-15-097-01
Third Party Advisory
US Government Resource
http://www.moxa.com/support/download.aspx?d_id=2114
Patch
http://www.securityfocus.com/bid/73960
http://www.zerodayinitiative.com/advisories/ZDI-15-392
https://ics-cert.us-cert.gov/advisories/ICSA-15-097-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:moxa:vport_activex_sdk_plus:*:*:*:*:*:*:*:*

Версия до 2.7 (включая)

EPSS

Процентиль: 75%

0.00868

Низкий

7.5 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-vfqf-jfgm-7xmc

github

больше 3 лет назад