CVE-2014-9192

Integer overflow in Trihedral Engineering VTScada (formerly VTS) 6.5 through 9.x before 9.1.20, 10.x before 10.2.22, and 11.x before 11.1.07 allows remote attackers to cause a denial of service (server crash) via a crafted request, which triggers a large memory allocation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
trihedralvtscada
6.5 ≤
𝑥
< 9.1.20
trihedralvtscada
10.0 ≤
𝑥
< 10.2.22
trihedralvtscada
11.0 ≤
𝑥
< 11.1.07
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/71591
https://ics-cert.us-cert.gov//advisories/ICSA-14-343-02
http://www.securityfocus.com/bid/71591
https://ics-cert.us-cert.gov//advisories/ICSA-14-343-02