Name of the Vulnerable Software and Affected Versions 1С:Предприятие (affected versions not specified)

Description The issue concerns the server processes ragent.exe, rmngr.exe, rhost.exe of the 1С:Предприятие automation system, which use the same core82.dll module. A specially crafted TCP packet can be interpreted as a sequence of recursive function calls, leading to application stack exhaustion. This allows a remote attacker to cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.