7.5
CVE-2019-8276
- EPSS 0.85%
- Veröffentlicht 08.03.2019 23:29:00
- Zuletzt bearbeitet 21.11.2024 04:49:37
- Quelle vulnerability@kaspersky.com
- Teams Watchlist Login
- Unerledigt Login
UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service (DoS). This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Siemens ≫ Sinumerik Access Mymachine/p2p Version < 4.8
Siemens ≫ Sinumerik Pcu Base Win10 Software/ipc Version < 14.00
Siemens ≫ Sinumerik Pcu Base Win7 Software/ipc Version <= 12.01
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.85% | 0.739 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-121 Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.