PT-2014-8878 · Trihedral Engineering · Vtscada
Published
2014-12-11
·
Updated
2019-02-01
·
CVE-2014-9192
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Trihedral Engineering VTScada versions 6.5 through 9.x before 9.1.20
Trihedral Engineering VTScada versions 10.x before 10.2.22
Trihedral Engineering VTScada versions 11.x before 11.1.07
Description
The issue is related to an integer overflow that allows remote attackers to cause a denial of service, resulting in a server crash. This is achieved by sending a crafted request that triggers a large memory allocation.
Recommendations
For versions 6.5 through 9.x before 9.1.20, update to version 9.1.20 or later.
For versions 10.x before 10.2.22, update to version 10.2.22 or later.
For versions 11.x before 11.1.07, update to version 11.1.07 or later.
Fix
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Vtscada