CVE-2015-2898

Multiple stack-based buffer overflows in Medicomp MEDCIN Engine before 2.22.20153.226 might allow remote attackers to execute arbitrary code via a crafted packet on port 8190, related to (1) the SetGroupSequenceEx na_setgroupsequenceex function, (2) the FormatDate julptostr function, and (3) the UserFindingCodes addtocl function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
VendorProductVersion
medicompmedcin_engine
𝑥
≤ 2.22.20142.166
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.kb.cert.org/vuls/id/675052
http://www.securifera.com/advisories/CVE-2015-2898-2901/
http://www.kb.cert.org/vuls/id/675052
http://www.securifera.com/advisories/CVE-2015-2898-2901/