CVE-2014-5407Stack-based Buffer Overflow in Electric Vampset

CWE-121Stack-based Buffer OverflowCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
4.4MEDIUMNVD
CNA4.1
EPSS
0.1%
top 76.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Schneider Electric VampsetSchneider-electric Vampset
Timeline
PublishedSep 15
Latest updateMay 17

Description

Multiple stack-based buffer overflows in Schneider Electric VAMPSET 2.2.136 and earlier allow local users to cause a denial of service (application halt) via a malformed (1) setting file or (2) disturbance recording file.

CVSS vector

AV:L/AC:M/C:P/I:P/A:PExploitability: 3.4 | Impact: 6.4

Affected Packages2 packages

CVEListV5schneider_electric/vampset2.2.136

🔴Vulnerability Details

2
GHSA
GHSA-5865-xr2h-gxr4: Multiple stack-based buffer overflows in Schneider Electric VAMPSET 22022-05-17
CVEList
Schneider Electric VAMPSET Stack-based Buffer Overflow2014-09-15
CVE-2014-5407 — Stack-based Buffer Overflow | cvebase