CVE-2014-9205

Stack-based buffer overflow in the PmBase64Decode function in an unspecified demonstration application in MICROSYS PROMOTIC stable before 8.2.19 and PROMOTIC development before 8.3.2 allows remote attackers to execute arbitrary code by providing a large amount of data.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
VendorProductVersion
microsyspromotic
𝑥
≤ 8.2.18
microsyspromotic
𝑥
≤ 8.3.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.promotic.eu/en/pmdoc/News.htm
http://www.zerodayinitiative.com/advisories/ZDI-15-091/
https://ics-cert.us-cert.gov/advisories/ICSA-15-062-01
http://www.promotic.eu/en/pmdoc/News.htm
http://www.zerodayinitiative.com/advisories/ZDI-15-091/
https://ics-cert.us-cert.gov/advisories/ICSA-15-062-01