CVE-2014-9189
25.03.2019, 20:29
Multiple stack-based buffer overflow vulnerabilities were found in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules that could lead to possible remote code execution, dynamic memory corruption, or denial of service. Honeywell strongly encourages and recommends all customers running unsupported versions of EKPS prior to R400 to upgrade to a supported version.Enginsight
| Vendor | Product | Version |
|---|---|---|
| honeywell | experion_process_knowledge_system | r400 ≤ 𝑥 < r400.6 |
| honeywell | experion_process_knowledge_system | r410 ≤ 𝑥 < r410.6 |
| honeywell | experion_process_knowledge_system | r430 ≤ 𝑥 < r430.2 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-121 - Stack-based Buffer OverflowA stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory BufferThe software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.