Search criteria
12 vulnerabilities found for datahub_quicktrend by cogentdatahub
FKIE_CVE-2013-0680
Vulnerability from fkie_nvd - Published: 2013-04-05 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP header.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf | US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cogentdatahub | cogent_datahub | * | |
| cogentdatahub | cogent_datahub | 7.0 | |
| cogentdatahub | cogent_datahub | 7.0.2 | |
| cogentdatahub | cogent_datahub | 7.1.0 | |
| cogentdatahub | cogent_datahub | 7.1.1 | |
| cogentdatahub | cogent_datahub | 7.1.1.63 | |
| cogentdatahub | cogent_datahub | 7.1.2 | |
| cogentdatahub | opc_datahub | * | |
| cogentdatahub | opc_datahub | 6.4.20 | |
| cogentdatahub | cascade_datahub | * | |
| cogentdatahub | cascade_datahub | 6.4.20 | |
| microsoft | windows | * | |
| cogentdatahub | datahub_quicktrend | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:*:*:*:*:*:*:*:*",
"matchCriteriaId": "295B2419-6CBA-4815-B0E8-51D5F5BCCB80",
"versionEndIncluding": "7.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D2DE7A08-D283-4EB3-BAAE-0BA4A8C2E088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "66059E64-6EB2-4F9D-BCB3-099A01C9E72A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F05AAB16-437D-4A4E-892B-9B83E47FEC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "65D16B36-567F-499D-AC7B-D2CC85AD9327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1.63:*:*:*:*:*:*:*",
"matchCriteriaId": "D8EC08FD-5473-4DB6-9828-8D007FE1E5FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F2724B2F-49B9-4423-A8D5-95B1E81DDEF9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cogentdatahub:opc_datahub:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF17ED5-1959-48BD-8166-730151AE4DE7",
"versionEndIncluding": "6.4.21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:opc_datahub:6.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "49266854-6F6B-43F1-8A2F-DE12CAC65F99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cogentdatahub:cascade_datahub:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B53B6E6-3FA4-461E-9CCB-1797D513F84F",
"versionEndIncluding": "6.4.21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cascade_datahub:6.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E8524E-2F62-4B01-83E7-686525DB00D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cogentdatahub:datahub_quicktrend:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4472B878-C776-45F2-93EF-F4C423F2AB61",
"versionEndIncluding": "7.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP header."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en el servidor Web de vpnconf.exe en Cogent Real-Time Systems Cogent DataHub anteriores a v7.3.0, OPC DataHub anteriores a v6.4.22, Cascade DataHub anteriores a v6.4.22 en Windows, y DataHub QuickTrend anteriores a v7.3.0, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonia) o posiblemente ejecutar c\u00f3digo a trav\u00e9s de una cabecera HTTP larga."
}
],
"id": "CVE-2013-0680",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-05T21:55:00.827",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-0681
Vulnerability from fkie_nvd - Published: 2013-04-05 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed data in a formatted text command.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf | US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cogentdatahub | cogent_datahub | * | |
| cogentdatahub | cogent_datahub | 7.0 | |
| cogentdatahub | cogent_datahub | 7.0.2 | |
| cogentdatahub | cogent_datahub | 7.1.0 | |
| cogentdatahub | cogent_datahub | 7.1.1 | |
| cogentdatahub | cogent_datahub | 7.1.1.63 | |
| cogentdatahub | cogent_datahub | 7.1.2 | |
| cogentdatahub | opc_datahub | * | |
| cogentdatahub | opc_datahub | 6.4.20 | |
| cogentdatahub | cascade_datahub | * | |
| cogentdatahub | cascade_datahub | 6.4.20 | |
| microsoft | windows | * | |
| cogentdatahub | datahub_quicktrend | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:*:*:*:*:*:*:*:*",
"matchCriteriaId": "295B2419-6CBA-4815-B0E8-51D5F5BCCB80",
"versionEndIncluding": "7.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D2DE7A08-D283-4EB3-BAAE-0BA4A8C2E088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "66059E64-6EB2-4F9D-BCB3-099A01C9E72A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F05AAB16-437D-4A4E-892B-9B83E47FEC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "65D16B36-567F-499D-AC7B-D2CC85AD9327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1.63:*:*:*:*:*:*:*",
"matchCriteriaId": "D8EC08FD-5473-4DB6-9828-8D007FE1E5FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F2724B2F-49B9-4423-A8D5-95B1E81DDEF9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cogentdatahub:opc_datahub:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF17ED5-1959-48BD-8166-730151AE4DE7",
"versionEndIncluding": "6.4.21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:opc_datahub:6.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "49266854-6F6B-43F1-8A2F-DE12CAC65F99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cogentdatahub:cascade_datahub:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B53B6E6-3FA4-461E-9CCB-1797D513F84F",
"versionEndIncluding": "6.4.21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cascade_datahub:6.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E8524E-2F62-4B01-83E7-686525DB00D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cogentdatahub:datahub_quicktrend:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4472B878-C776-45F2-93EF-F4C423F2AB61",
"versionEndIncluding": "7.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed data in a formatted text command."
},
{
"lang": "es",
"value": "Cogent Real-Time Systems Cogent DataHub anteriores a v7.3.0, OPC DataHub anteriores a v6.4.22, Cascade DataHub anteriores a v6.4.22 en Windows, y DataHub QuickTrend anteriores a v7.3.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (des-referencia a puntero nulo y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de datos mal formados en un comando de texto formateado."
}
],
"id": "CVE-2013-0681",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-05T21:55:00.847",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-0682
Vulnerability from fkie_nvd - Published: 2013-04-05 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf | US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cogentdatahub | cogent_datahub | * | |
| cogentdatahub | cogent_datahub | 7.0 | |
| cogentdatahub | cogent_datahub | 7.0.2 | |
| cogentdatahub | cogent_datahub | 7.1.0 | |
| cogentdatahub | cogent_datahub | 7.1.1 | |
| cogentdatahub | cogent_datahub | 7.1.1.63 | |
| cogentdatahub | cogent_datahub | 7.1.2 | |
| cogentdatahub | opc_datahub | * | |
| cogentdatahub | opc_datahub | 6.4.20 | |
| cogentdatahub | cascade_datahub | * | |
| cogentdatahub | cascade_datahub | 6.4.20 | |
| microsoft | windows | * | |
| cogentdatahub | datahub_quicktrend | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:*:*:*:*:*:*:*:*",
"matchCriteriaId": "295B2419-6CBA-4815-B0E8-51D5F5BCCB80",
"versionEndIncluding": "7.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D2DE7A08-D283-4EB3-BAAE-0BA4A8C2E088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "66059E64-6EB2-4F9D-BCB3-099A01C9E72A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F05AAB16-437D-4A4E-892B-9B83E47FEC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "65D16B36-567F-499D-AC7B-D2CC85AD9327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1.63:*:*:*:*:*:*:*",
"matchCriteriaId": "D8EC08FD-5473-4DB6-9828-8D007FE1E5FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F2724B2F-49B9-4423-A8D5-95B1E81DDEF9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cogentdatahub:opc_datahub:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF17ED5-1959-48BD-8166-730151AE4DE7",
"versionEndIncluding": "6.4.21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:opc_datahub:6.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "49266854-6F6B-43F1-8A2F-DE12CAC65F99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cogentdatahub:cascade_datahub:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B53B6E6-3FA4-461E-9CCB-1797D513F84F",
"versionEndIncluding": "6.4.21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cascade_datahub:6.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E8524E-2F62-4B01-83E7-686525DB00D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cogentdatahub:datahub_quicktrend:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4472B878-C776-45F2-93EF-F4C423F2AB61",
"versionEndIncluding": "7.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory."
},
{
"lang": "es",
"value": "Cogent Real-Time Systems Cogent DataHub anteriores a v7.3.0, OPC DataHub asnteriores a v6.4.22, Cascade DataHub anteriores a v6.4.22 en Windows, y DataHub QuickTrend anteriores a v7.3.0 no manejan las excepciones de forma adecuada, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo a trav\u00e9s de datos mal generados en un comando de texto formateado, conduciendo un acceso fuera del l\u00edmite a (1) memoria din\u00e1mica o (2) pila de memoria."
}
],
"id": "CVE-2013-0682",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-05T21:55:00.863",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-0683
Vulnerability from fkie_nvd - Published: 2013-04-05 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The DataSim and DataPid demonstration clients in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote servers to cause a denial of service (incorrect pointer access and client crash) via malformed data in a formatted text command.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf | US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cogentdatahub | cogent_datahub | * | |
| cogentdatahub | cogent_datahub | 7.0 | |
| cogentdatahub | cogent_datahub | 7.0.2 | |
| cogentdatahub | cogent_datahub | 7.1.0 | |
| cogentdatahub | cogent_datahub | 7.1.1 | |
| cogentdatahub | cogent_datahub | 7.1.1.63 | |
| cogentdatahub | cogent_datahub | 7.1.2 | |
| cogentdatahub | opc_datahub | * | |
| cogentdatahub | opc_datahub | 6.4.20 | |
| cogentdatahub | cascade_datahub | * | |
| cogentdatahub | cascade_datahub | 6.4.20 | |
| microsoft | windows | * | |
| cogentdatahub | datahub_quicktrend | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:*:*:*:*:*:*:*:*",
"matchCriteriaId": "295B2419-6CBA-4815-B0E8-51D5F5BCCB80",
"versionEndIncluding": "7.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D2DE7A08-D283-4EB3-BAAE-0BA4A8C2E088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "66059E64-6EB2-4F9D-BCB3-099A01C9E72A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F05AAB16-437D-4A4E-892B-9B83E47FEC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "65D16B36-567F-499D-AC7B-D2CC85AD9327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.1.63:*:*:*:*:*:*:*",
"matchCriteriaId": "D8EC08FD-5473-4DB6-9828-8D007FE1E5FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cogent_datahub:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F2724B2F-49B9-4423-A8D5-95B1E81DDEF9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cogentdatahub:opc_datahub:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF17ED5-1959-48BD-8166-730151AE4DE7",
"versionEndIncluding": "6.4.21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:opc_datahub:6.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "49266854-6F6B-43F1-8A2F-DE12CAC65F99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cogentdatahub:cascade_datahub:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B53B6E6-3FA4-461E-9CCB-1797D513F84F",
"versionEndIncluding": "6.4.21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cogentdatahub:cascade_datahub:6.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E8524E-2F62-4B01-83E7-686525DB00D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cogentdatahub:datahub_quicktrend:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4472B878-C776-45F2-93EF-F4C423F2AB61",
"versionEndIncluding": "7.2.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DataSim and DataPid demonstration clients in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote servers to cause a denial of service (incorrect pointer access and client crash) via malformed data in a formatted text command."
},
{
"lang": "es",
"value": "El cliente demo de DataSim and DataPid en Cogent Real-Time Systems Cogent DataHub anteriores a v7.3.0, OPC DataHub anteriores a v6.4.22, Cascade DataHub anteriores a v6.4.22 en Windows, y DataHub QuickTrend anteriores a v7.3.0 permite a servidores remotos provocar una denegaci\u00f3n de servicio (acceso a puntero incorrecto y ca\u00edda del cliente)a trav\u00e9s de datos mal formados en comanto de texto formateado."
}
],
"id": "CVE-2013-0683",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-04-05T21:55:00.880",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2013-0682 (GCVE-0-2013-0682)
Vulnerability from cvelistv5 – Published: 2013-04-05 21:00 – Updated: 2024-09-16 23:42
VLAI?
Summary
Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.495Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-04-05T21:00:00Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-0682",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-0682",
"datePublished": "2013-04-05T21:00:00Z",
"dateReserved": "2012-12-19T00:00:00Z",
"dateUpdated": "2024-09-16T23:42:06.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0680 (GCVE-0-2013-0680)
Vulnerability from cvelistv5 – Published: 2013-04-05 21:00 – Updated: 2024-09-16 21:58
VLAI?
Summary
Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-04-05T21:00:00Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-0680",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-0680",
"datePublished": "2013-04-05T21:00:00Z",
"dateReserved": "2012-12-19T00:00:00Z",
"dateUpdated": "2024-09-16T21:58:02.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0683 (GCVE-0-2013-0683)
Vulnerability from cvelistv5 – Published: 2013-04-05 21:00 – Updated: 2024-09-16 23:36
VLAI?
Summary
The DataSim and DataPid demonstration clients in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote servers to cause a denial of service (incorrect pointer access and client crash) via malformed data in a formatted text command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.595Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The DataSim and DataPid demonstration clients in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote servers to cause a denial of service (incorrect pointer access and client crash) via malformed data in a formatted text command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-04-05T21:00:00Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-0683",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DataSim and DataPid demonstration clients in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote servers to cause a denial of service (incorrect pointer access and client crash) via malformed data in a formatted text command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-0683",
"datePublished": "2013-04-05T21:00:00Z",
"dateReserved": "2012-12-19T00:00:00Z",
"dateUpdated": "2024-09-16T23:36:56.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0681 (GCVE-0-2013-0681)
Vulnerability from cvelistv5 – Published: 2013-04-05 21:00 – Updated: 2024-09-16 23:45
VLAI?
Summary
Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed data in a formatted text command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed data in a formatted text command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-04-05T21:00:00Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-0681",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed data in a formatted text command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-0681",
"datePublished": "2013-04-05T21:00:00Z",
"dateReserved": "2012-12-19T00:00:00Z",
"dateUpdated": "2024-09-16T23:45:32.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0682 (GCVE-0-2013-0682)
Vulnerability from nvd – Published: 2013-04-05 21:00 – Updated: 2024-09-16 23:42
VLAI?
Summary
Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.495Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-04-05T21:00:00Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-0682",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 do not properly handle exceptions, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed data in a formatted text command, leading to out-of-bounds access to (1) heap or (2) stack memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-0682",
"datePublished": "2013-04-05T21:00:00Z",
"dateReserved": "2012-12-19T00:00:00Z",
"dateUpdated": "2024-09-16T23:42:06.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0680 (GCVE-0-2013-0680)
Vulnerability from nvd – Published: 2013-04-05 21:00 – Updated: 2024-09-16 21:58
VLAI?
Summary
Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-04-05T21:00:00Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-0680",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-0680",
"datePublished": "2013-04-05T21:00:00Z",
"dateReserved": "2012-12-19T00:00:00Z",
"dateUpdated": "2024-09-16T21:58:02.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0683 (GCVE-0-2013-0683)
Vulnerability from nvd – Published: 2013-04-05 21:00 – Updated: 2024-09-16 23:36
VLAI?
Summary
The DataSim and DataPid demonstration clients in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote servers to cause a denial of service (incorrect pointer access and client crash) via malformed data in a formatted text command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.595Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The DataSim and DataPid demonstration clients in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote servers to cause a denial of service (incorrect pointer access and client crash) via malformed data in a formatted text command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-04-05T21:00:00Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-0683",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DataSim and DataPid demonstration clients in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote servers to cause a denial of service (incorrect pointer access and client crash) via malformed data in a formatted text command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-0683",
"datePublished": "2013-04-05T21:00:00Z",
"dateReserved": "2012-12-19T00:00:00Z",
"dateUpdated": "2024-09-16T23:36:56.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0681 (GCVE-0-2013-0681)
Vulnerability from nvd – Published: 2013-04-05 21:00 – Updated: 2024-09-16 23:45
VLAI?
Summary
Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed data in a formatted text command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed data in a formatted text command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-04-05T21:00:00Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2013-0681",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed data in a formatted text command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-095-01.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2013-0681",
"datePublished": "2013-04-05T21:00:00Z",
"dateReserved": "2012-12-19T00:00:00Z",
"dateUpdated": "2024-09-16T23:45:32.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}