CVE-2015-2899

EUVD-2015-2987
Heap-based buffer overflow in the QualifierList retrieve_qualifier_list function in Medicomp MEDCIN Engine before 2.22.20153.226 might allow remote attackers to execute arbitrary code via a long list name in a packet on port 8190.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
Affected Products (NVD)
VendorProductVersion
medicompmedcin_engine
𝑥
≤ 2.22.20142.166
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.kb.cert.org/vuls/id/675052
http://www.securifera.com/advisories/CVE-2015-2898-2901/
http://www.kb.cert.org/vuls/id/675052
http://www.securifera.com/advisories/CVE-2015-2898-2901/