Wind River VxWorks 6.8.3

CPE Details

Wind River VxWorks 6.8.3
windriver
vxworks
6.8.3
2021-02-22
19h52 +00:00
2021-02-22
19h52 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:windriver:vxworks:6.8.3:*:*:*:*:*:*:*

Informations

Vendor

windriver

Product

vxworks

Version

6.8.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2016-20009 2021-03-11 20h39 +00:00 A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
9.8
Critical
CVE-2020-11440 2020-07-23 11h59 +00:00 httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root.
7.5
High
CVE-2020-10664 2020-04-27 10h21 +00:00 The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference.
7.5
High
CVE-2019-12261 2019-08-09 18h27 +00:00 Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.
9.8
Critical
CVE-2019-12260 2019-08-09 18h18 +00:00 Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.
9.8
Critical
CVE-2019-12258 2019-08-09 18h00 +00:00 Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options.
7.5
High
CVE-2019-12255 2019-08-09 17h18 +00:00 Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.
9.8
Critical
CVE-2019-12265 2019-08-09 16h14 +00:00 Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report.
5.3
Medium
CVE-2019-12263 2019-08-09 16h10 +00:00 Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.
8.1
High
CVE-2019-12259 2019-08-09 16h05 +00:00 Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.
7.5
High
CVE-2019-12256 2019-08-09 15h57 +00:00 Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.
9.8
Critical
CVE-2019-12257 2019-08-09 15h49 +00:00 Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc.
8.8
High
CVE-2015-7599 2017-02-07 16h00 +00:00 Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a username and password.
8.1
High
CVE-2010-2965 2010-08-04 21h00 +00:00 The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804.
10