[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253390

 
 

909

 
 

197257

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-3888Date: (C)2014-07-11   (M)2023-12-22


Stack-based buffer overflow in BKFSim_vhfd.exe in Yokogawa CENTUM CS 1000, CENTUM CS 3000 R3.09.50 and earlier, CENTUM VP R5.03.20 and earlier, Exaopc R3.72.00 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier, when FCS/Test Function is enabled, allows remote attackers to execute arbitrary code via a crafted packet.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 8.3
Exploit Score: 8.6
Impact Score: 8.5
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: COMPLETE
  
Reference:
OSVDB-108756
EXPLOIT-DB-34009
http://ics-cert.us-cert.gov/advisories/ICSA-14-189-01
http://packetstormsecurity.com/files/127382/Yokogawa-CS3000-BKFSim_vhfd.exe-Buffer-Overflow.html
http://www.yokogawa.com/dcs/security/ysar/YSAR-14-0002E.pdf

CPE    20
cpe:/a:yokogawa:centum_vp_software:4.03.00
cpe:/a:yokogawa:centum_cs_3000:r3.08.70
cpe:/h:yokogawa:centum_cs_3000:-
cpe:/a:yokogawa:centum_cs_3000:r3.08.50
...
CWE    1
CWE-119

© SecPod Technologies