NVD

Id
35957  
Name
CVE-2014-9206  
Description
Stack-based buffer overflow in Device Type Manager (DTM) 3.1.6 and earlier for Schneider Electric Invensys SRD Control Valve Positioner devices 960 and 991 allows local users to gain privileges via a malformed DLL file.  
Reject
 
CVSS Version
2  
CVSS Score
6.9  
Severity
Medium  
CVSS Base Score
6.9  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.4  
CVSS Vector
(AV:L/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2015-03-13  
Modified Date
2016-08-26  
Seq
2014-9206  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
183957 35957 CVE-2014-9206 http://download.schneider-electric.com/files?p_File_Id=745435959&p_File_Name=SEVD-2015-050-01.pdf  View
183958 35957 CVE-2014-9206 https://ics-cert.us-cert.gov/advisories/ICSA-15-055-03  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
19106 JVNDB-2014-007981 Schneider Electric Invensys SRD Control Valve Positioner デバイス用 Device Type Manager におけるスタックベースのバッファオーバーフローの脆弱性 Schneider Electric Invensys SRD Control Valve Positioner デバイス用 Device Type Manager (DTM) には、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2014-9206 76499 CVE-2014-9206 35957 6.9 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007981.html 2014-12-02 2015-03-17 View