Buffer overflow in Siemens Sipass_integrated

CVE-2012-5409

AscoServer.exe in the server in Siemens SiPass integrated MP2.6 and earlier does not properly handle IOCP RPC messages received over an Ethernet network, which allows remote attackers to write data to any memory location and consequently e…

Vulnerability class: Buffer Overflow

EPSS: 0.354 (97.1th percentile) — read the EPSS interpretation.

Affected products

Siemens Sipass_integrated
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

50900 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (x_refsource_MISC)
86129 (x_refsource_OSVDB, vdb-entry)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
cve@mitre.org (x_refsource_MISC)