cvelistv5 - cve-2013-0682

cve-2013-0682

Vulnerability from cvelistv5

Published

2013-04-05 21:00

Modified

2024-09-16 23:42

Severity ?

Summary

References

▼	URL	Tags
	ics-cert@hq.dhs.gov	http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf	US Government Resource
	af854a3a-2127-422b-91ae-364da2661108	http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf	US Government Resource

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:33:05.495Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-04-05T21:00:00Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2013-0682",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf",
              "refsource": "MISC",
              "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2013-0682",
    "datePublished": "2013-04-05T21:00:00Z",
    "dateReserved": "2012-12-19T00:00:00Z",
    "dateUpdated": "2024-09-16T23:42:06.462Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-0682\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2013-04-05T21:55:00.863\",\"lastModified\":\"2024-11-21T01:48:00.127\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory.\"},{\"lang\":\"es\",\"value\":\"Cogent Real-Time Systems Cogent DataHub anteriores a v7.3.0, OPC DataHub asnteriores a v6.4.22, Cascade DataHub anteriores a v6.4.22 en Windows, y DataHub QuickTrend anteriores a v7.3.0 no manejan las excepciones de forma adecuada, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo a trav\u00e9s de datos mal generados en un comando de texto formateado, conduciendo un acceso fuera del l\u00edmite a (1) memoria din\u00e1mica o (2) pila de memoria.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cogentdatahub:cogent_datahub:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.2.2\",\"matchCriteriaId\":\"295B2419-6CBA-4815-B0E8-51D5F5BCCB80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cogentdatahub:cogent_datahub:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2DE7A08-D283-4EB3-BAAE-0BA4A8C2E088\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cogentdatahub:cogent_datahub:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66059E64-6EB2-4F9D-BCB3-099A01C9E72A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F05AAB16-437D-4A4E-892B-9B83E47FEC24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65D16B36-567F-499D-AC7B-D2CC85AD9327\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1.63:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8EC08FD-5473-4DB6-9828-8D007FE1E5FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2724B2F-49B9-4423-A8D5-95B1E81DDEF9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cogentdatahub:opc_datahub:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.4.21\",\"matchCriteriaId\":\"5AF17ED5-1959-48BD-8166-730151AE4DE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cogentdatahub:opc_datahub:6.4.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49266854-6F6B-43F1-8A2F-DE12CAC65F99\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cogentdatahub:cascade_datahub:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.4.21\",\"matchCriteriaId\":\"2B53B6E6-3FA4-461E-9CCB-1797D513F84F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cogentdatahub:cascade_datahub:6.4.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4E8524E-2F62-4B01-83E7-686525DB00D2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cogentdatahub:datahub_quicktrend:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.2.2\",\"matchCriteriaId\":\"4472B878-C776-45F2-93EF-F4C423F2AB61\"}]}]}],\"references\":[{\"url\":\"http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]}]}}"
  }
}

Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory. Cogent Real-Time Systems is a real-time data solutions vendor. The Cogent Real-Time Systems DataHub application receives formatted text commands in TCP link mode that are parsed, verified, and executed within the application. An attacker can exploit this issue to execute arbitrary code within the context of the affected applications. Failed exploit attempts may crash the application, denying service to legitimate users. The following Cogent Real-Time Systems products are vulnerable: Cogent DataHub 7.2.2 and prior versions OPC DataHub 6.4.21 and prior versions Cascade DataHub for Windows 6.4.21 and prior versions Cogent DataHub DataSim and DataPid demonstration clients 7.2.2 OPC DataHub DataSim and DataPid demonstration clients 6.4.21 Cascade DataHub DataSim and DataPid demonstration clients 6.4.21 DataHub QuickTrend 7.2.2 and prior versions

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201304-0154",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "cogent datahub",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cogentdatahub",
        "version": "7.1.1"
      },
      {
        "model": "cascade datahub",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cogentdatahub",
        "version": "6.4.20"
      },
      {
        "model": "cogent datahub",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cogentdatahub",
        "version": "7.1.1.63"
      },
      {
        "model": "cogent datahub",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cogentdatahub",
        "version": "7.1.2"
      },
      {
        "model": "cogent datahub",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cogentdatahub",
        "version": "7.1.0"
      },
      {
        "model": "opc datahub",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cogentdatahub",
        "version": "6.4.20"
      },
      {
        "model": "datahub quicktrend",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cogentdatahub",
        "version": "7.2.2"
      },
      {
        "model": "opc datahub",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cogentdatahub",
        "version": "6.4.21"
      },
      {
        "model": "cogent datahub",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cogentdatahub",
        "version": "7.2.2"
      },
      {
        "model": "cascade datahub",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cogentdatahub",
        "version": "6.4.21"
      },
      {
        "model": "cogent datahub",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cogentdatahub",
        "version": "7.0.2"
      },
      {
        "model": "cogent datahub",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cogentdatahub",
        "version": "7.0"
      },
      {
        "model": "cascade datahub",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cogent real time",
        "version": "6.4.22"
      },
      {
        "model": "datahub",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cogent real time",
        "version": "7.3.0"
      },
      {
        "model": "datahub quicktrend",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cogent real time",
        "version": "7.3.0"
      },
      {
        "model": "opc datahub",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cogent real time",
        "version": "6.4.22"
      },
      {
        "model": "real-time systems opc datahub",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cogent",
        "version": "6.4.21"
      },
      {
        "model": "real-time systems cascade datahub",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cogent",
        "version": "6.4.21"
      },
      {
        "model": "real-time systems cogent datahub",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cogent",
        "version": "7.2.2"
      },
      {
        "model": "real-time systems datahub quicktrend",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cogent",
        "version": "7.2.2"
      },
      {
        "model": "real-time systems datapid",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cogent",
        "version": "7.2.2"
      },
      {
        "model": "real-time systems datapid",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cogent",
        "version": "6.4.21"
      },
      {
        "model": "real-time systems datasim",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cogent",
        "version": "7.2.2"
      },
      {
        "model": "real-time systems datasim",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cogent",
        "version": "6.4.21"
      },
      {
        "model": "datahub quicktrend",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cogentdatahub",
        "version": "7.2.2"
      },
      {
        "model": "cogent datahub",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cogentdatahub",
        "version": "7.2.2"
      },
      {
        "model": "cascade datahub",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cogentdatahub",
        "version": "6.4.21"
      },
      {
        "model": "opc datahub",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cogentdatahub",
        "version": "6.4.21"
      },
      {
        "model": "real-time systems opc datahub",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cogent",
        "version": "6.4.20"
      },
      {
        "model": "real-time systems opc datahub",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cogent",
        "version": "6.0.2"
      },
      {
        "model": "real-time systems opc datahub",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cogent",
        "version": "6"
      },
      {
        "model": "real-time systems cogent datahub",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cogent",
        "version": "7.1.2"
      },
      {
        "model": "real-time systems cogent datahub",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cogent",
        "version": "7.1.1.63"
      },
      {
        "model": "real-time systems cogent datahub",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cogent",
        "version": "7"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "cogent datahub",
        "version": "7.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "cogent datahub",
        "version": "7.0.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "cogent datahub",
        "version": "7.1.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "cogent datahub",
        "version": "7.1.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "cogent datahub",
        "version": "7.1.1.63"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "cogent datahub",
        "version": "7.1.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "cogent datahub",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "opc datahub",
        "version": "6.4.20"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "opc datahub",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "cascade datahub",
        "version": "6.4.20"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "cascade datahub",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "datahub quicktrend",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "038f53d4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02823"
      },
      {
        "db": "BID",
        "id": "58905"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002156"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-032"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0682"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:cogentdatahub:cascade_datahub",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:cogentdatahub:cogent_datahub",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:cogentdatahub:datahub_quicktrend",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:cogentdatahub:opc_datahub",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002156"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Dillon Beresford",
    "sources": [
      {
        "db": "BID",
        "id": "58905"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2013-0682",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2013-0682",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2013-02823",
            "impactScore": 7.8,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.5,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "038f53d4-2353-11e6-abef-000c29c66e3d",
            "impactScore": 7.8,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:C",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-0682",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-0682",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-02823",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201304-032",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "038f53d4-2353-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "038f53d4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02823"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002156"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-032"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0682"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory. Cogent Real-Time Systems is a real-time data solutions vendor. The Cogent Real-Time Systems DataHub application receives formatted text commands in TCP link mode that are parsed, verified, and executed within the application. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected applications. Failed exploit attempts may crash the application, denying service to legitimate users. \nThe following Cogent Real-Time Systems products are vulnerable:\nCogent DataHub 7.2.2 and prior versions\nOPC DataHub 6.4.21 and prior versions\nCascade DataHub for Windows 6.4.21 and prior versions\nCogent DataHub DataSim and DataPid demonstration clients 7.2.2\nOPC DataHub DataSim and DataPid demonstration clients 6.4.21\nCascade DataHub DataSim and DataPid demonstration clients 6.4.21\nDataHub QuickTrend 7.2.2 and prior versions",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0682"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002156"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02823"
      },
      {
        "db": "BID",
        "id": "58905"
      },
      {
        "db": "IVD",
        "id": "038f53d4-2353-11e6-abef-000c29c66e3d"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-0682",
        "trust": 3.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-13-095-01",
        "trust": 3.3
      },
      {
        "db": "BID",
        "id": "58905",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02823",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-032",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002156",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "038F53D4-2353-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "038f53d4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02823"
      },
      {
        "db": "BID",
        "id": "58905"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002156"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-032"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0682"
      }
    ]
  },
  "id": "VAR-201304-0154",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "038f53d4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02823"
      }
    ],
    "trust": 1.6601670400000001
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "038f53d4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02823"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:55:36.562000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Cogent DataHub",
        "trust": 0.8,
        "url": "http://www.cogentdatahub.com/Products/Cogent_DataHub.html"
      },
      {
        "title": "OPC DataHub",
        "trust": 0.8,
        "url": "http://www.cogentdatahub.com/Products/OPC_DataHub.html"
      },
      {
        "title": "Cascade DataHub",
        "trust": 0.8,
        "url": "http://www.cogentdatahub.com/Products/Cascade_DataHub.html"
      },
      {
        "title": "DataHub QuickTrend",
        "trust": 0.8,
        "url": "http://www.cogentdatahub.com/Products/DataHub_QuickTrend.html"
      },
      {
        "title": "Release Notes",
        "trust": 0.8,
        "url": "http://www.cogentdatahub.com/ReleaseNotes.html"
      },
      {
        "title": "Download Software",
        "trust": 0.8,
        "url": "http://www.cogentdatahub.com/Contact_Form.html"
      },
      {
        "title": "TopPage",
        "trust": 0.8,
        "url": "http://www.cogentdatahub.com/jp/"
      },
      {
        "title": "Cogent Real-Time Systems DataHub Text Command Buffer Overflow Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/33174"
      },
      {
        "title": "OPCDataHub-6.4.22-130302-Windows",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=45674"
      },
      {
        "title": "CogentDataHub-7.3.0-130328-Windows",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=45673"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-02823"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002156"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-032"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002156"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0682"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.3,
        "url": "http://ics-cert.us-cert.gov/pdf/icsa-13-095-01.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0682"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0682"
      },
      {
        "trust": 0.3,
        "url": "http://www.cogentdatahub.com/products/cogent_datahub.html"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-02823"
      },
      {
        "db": "BID",
        "id": "58905"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002156"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-032"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0682"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "038f53d4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02823"
      },
      {
        "db": "BID",
        "id": "58905"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-002156"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-032"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0682"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-04-09T00:00:00",
        "db": "IVD",
        "id": "038f53d4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2013-04-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02823"
      },
      {
        "date": "2013-04-05T00:00:00",
        "db": "BID",
        "id": "58905"
      },
      {
        "date": "2013-04-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-002156"
      },
      {
        "date": "2013-04-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201304-032"
      },
      {
        "date": "2013-04-05T21:55:00.863000",
        "db": "NVD",
        "id": "CVE-2013-0682"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-05-17T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-02823"
      },
      {
        "date": "2015-03-19T09:23:00",
        "db": "BID",
        "id": "58905"
      },
      {
        "date": "2013-04-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-002156"
      },
      {
        "date": "2013-04-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201304-032"
      },
      {
        "date": "2024-11-21T01:48:00.127000",
        "db": "NVD",
        "id": "CVE-2013-0682"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-032"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cogent Real-Time Systems DataHub Text Command Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "038f53d4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-02823"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow",
    "sources": [
      {
        "db": "IVD",
        "id": "038f53d4-2353-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-032"
      }
    ],
    "trust": 0.8
  }
}

gsd-2013-0682

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2013-0682

Aliases

CVE-2013-0682

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-0682",
    "description": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory.",
    "id": "GSD-2013-0682"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-0682"
      ],
      "details": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory.",
      "id": "GSD-2013-0682",
      "modified": "2023-12-13T01:22:15.191456Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2013-0682",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf",
            "refsource": "MISC",
            "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1.63:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cogentdatahub:cogent_datahub:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.2.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cogentdatahub:opc_datahub:6.4.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cogentdatahub:opc_datahub:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.4.21",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:cogentdatahub:cascade_datahub:6.4.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:cogentdatahub:cascade_datahub:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "6.4.21",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cogentdatahub:datahub_quicktrend:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.2.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2013-0682"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf",
              "refsource": "MISC",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-04-09T04:00Z",
      "publishedDate": "2013-04-05T21:55Z"
    }
  }
}

ghsa-6x93-83cp-mv44

Vulnerability from github

Published

2022-05-17 05:12

Modified

2022-05-17 05:12

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-0682"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-04-05T21:55:00Z",
    "severity": "HIGH"
  },
  "details": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory.",
  "id": "GHSA-6x93-83cp-mv44",
  "modified": "2022-05-17T05:12:05Z",
  "published": "2022-05-17T05:12:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0682"
    },
    {
      "type": "WEB",
      "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2013-0682

Vulnerability from fkie_nvd

Published

2013-04-05 21:55

Modified

2024-11-21 01:48

Severity ?

Summary

References

▼	URL	Tags
	ics-cert@hq.dhs.gov	http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf	US Government Resource
	af854a3a-2127-422b-91ae-364da2661108	http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf	US Government Resource

Impacted products

Vendor	Product	Version
cogentdatahub	cogent_datahub	*
cogentdatahub	cogent_datahub	7.0
cogentdatahub	cogent_datahub	7.0.2
cogentdatahub	cogent_datahub	7.1.0
cogentdatahub	cogent_datahub	7.1.1
cogentdatahub	cogent_datahub	7.1.1.63
cogentdatahub	cogent_datahub	7.1.2
cogentdatahub	opc_datahub	*
cogentdatahub	opc_datahub	6.4.20
cogentdatahub	cascade_datahub	*
cogentdatahub	cascade_datahub	6.4.20
microsoft	windows	*
cogentdatahub	datahub_quicktrend	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "295B2419-6CBA-4815-B0E8-51D5F5BCCB80",
              "versionEndIncluding": "7.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2DE7A08-D283-4EB3-BAAE-0BA4A8C2E088",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "66059E64-6EB2-4F9D-BCB3-099A01C9E72A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F05AAB16-437D-4A4E-892B-9B83E47FEC24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D16B36-567F-499D-AC7B-D2CC85AD9327",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1.63:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8EC08FD-5473-4DB6-9828-8D007FE1E5FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2724B2F-49B9-4423-A8D5-95B1E81DDEF9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cogentdatahub:opc_datahub:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AF17ED5-1959-48BD-8166-730151AE4DE7",
              "versionEndIncluding": "6.4.21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cogentdatahub:opc_datahub:6.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "49266854-6F6B-43F1-8A2F-DE12CAC65F99",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cogentdatahub:cascade_datahub:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B53B6E6-3FA4-461E-9CCB-1797D513F84F",
              "versionEndIncluding": "6.4.21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cogentdatahub:cascade_datahub:6.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4E8524E-2F62-4B01-83E7-686525DB00D2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cogentdatahub:datahub_quicktrend:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4472B878-C776-45F2-93EF-F4C423F2AB61",
              "versionEndIncluding": "7.2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory."
    },
    {
      "lang": "es",
      "value": "Cogent Real-Time Systems Cogent DataHub anteriores a v7.3.0, OPC DataHub asnteriores a v6.4.22, Cascade DataHub anteriores a v6.4.22 en Windows, y DataHub QuickTrend anteriores a v7.3.0 no manejan las excepciones de forma adecuada, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo a trav\u00e9s de datos mal generados en un comando de texto formateado, conduciendo un acceso fuera del l\u00edmite a (1) memoria din\u00e1mica o (2) pila de memoria."
    }
  ],
  "id": "CVE-2013-0682",
  "lastModified": "2024-11-21T01:48:00.127",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-04-05T21:55:00.863",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2013-0682

Vulnerability from cvelistv5

var-201304-0154

Vulnerability from variot

gsd-2013-0682

Vulnerability from gsd

ghsa-6x93-83cp-mv44

Vulnerability from github

fkie_cve-2013-0682

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature