Treck TCP/IP 6.0.1.28

CPE Details

Treck TCP/IP 6.0.1.28
treck
tcp\/ip
6.0.1.28
2020-07-10
17h49 +00:00
2020-07-10
17h49 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:treck:tcp\/ip:6.0.1.28:*:*:*:*:*:*:*

Informations

Vendor

treck

Product

tcp\/ip

Version

6.0.1.28

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-25066 2020-12-22 20h04 +00:00 A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service (crash/reset) or to possibly execute arbitrary code.
10
Critical
CVE-2020-11899 2020-06-17 10h27 +00:00 The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.
5.4
Medium
CVE-2020-11914 2020-06-17 08h59 +00:00 The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read.
4.3
Medium
CVE-2020-11913 2020-06-17 08h58 +00:00 The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.
5.3
Medium
CVE-2020-11912 2020-06-17 08h56 +00:00 The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read.
5.3
Medium
CVE-2020-11911 2020-06-17 08h55 +00:00 The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control.
5.3
Medium
CVE-2020-11910 2020-06-17 08h52 +00:00 The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Read.
5.3
Medium
CVE-2020-11909 2020-06-17 08h51 +00:00 The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow.
5.3
Medium
CVE-2020-11907 2020-06-17 08h47 +00:00 The Treck TCP/IP stack before 6.0.1.66 improperly handles a Length Parameter Inconsistency in TCP.
6.3
Medium
CVE-2020-11906 2020-06-17 08h44 +00:00 The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow.
6.3
Medium
CVE-2020-11905 2020-06-17 08h43 +00:00 The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read.
6.5
Medium
CVE-2020-11904 2020-06-17 08h41 +00:00 The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write.
7.3
High
CVE-2020-11902 2020-06-17 08h36 +00:00 The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read.
7.3
High
CVE-2020-11901 2020-06-17 08h34 +00:00 The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response.
9
Critical
CVE-2020-11900 2020-06-17 08h30 +00:00 The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free.
8.2
High
CVE-2020-11898 2020-06-17 08h26 +00:00 The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote attackers to trigger an information leak.
9.1
Critical
CVE-2020-11896 2020-06-17 08h21 +00:00 The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.
10
Critical
CVE-2020-10136 2020-06-02 08h35 +00:00 IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.
5.3
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.