NVD

Id
86054  
Name
CVE-2017-7967  
Description
All versions of VAMPSET software produced by Schneider Electric, prior to V2.2.189, are susceptible to a memory corruption vulnerability when a corrupted vf2 file is used. This vulnerability causes the software to halt or not start when trying to open the corrupted file. This vulnerability occurs when fill settings are intentionally malformed and is opened in a standalone state, without connection to a protection relay. This attack is not considered to be remotely exploitable. This vulnerability has no effect on the operation of the protection relay to which VAMPSET is connected. As Windows operating system remains operational and VAMPSET responds, it is able to be shut down through its normal closing protocol.  
Reject
 
CVSS Version
2  
CVSS Score
2.1  
Severity
Low  
CVSS Base Score
2.1  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-05-27  
Published
2017-05-09  
Modified Date
2017-05-22  
Seq
2017-7967  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
422645 86054 CVE-2017-0477 https://source.android.com/security/bulletin/2017-03-01  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
67709 JVNDB-2017-003998 Schneider Electric VAMPSET ソフトウェアにおけるバッファエラーの脆弱性 Schneider Electric VAMPSET ソフトウェアには、バッファエラーの脆弱性が存在します。 CVE-2017-7967 0 CVE-2017-7967 86054 2.1 5.5 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-003998.html 2017-05-11 2017-06-13 View