VAR-201903-0640
Vulnerability from variot - Updated: 2023-12-18 13:23Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability. Moxa SoftCMS Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the setConfigPath method of the IPCam.IPCam_Video_Render_Plugin.1 control. The implementation copies the user-supplied string to a field in a heap-based buffer without validating its size, which can lead to a heap buffer overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of the process. Moxa SoftCMS is a central management software for managing large surveillance systems. Moxa SoftCMS is prone to multiple unspecified buffer-overflow vulnerabilities because it fails to properly bounds-check user supplied input. The software supports real-time video monitoring, video playback and event management, etc. The vulnerability stems from the fact that the program does not fully verify the 'strIP' parameter and the 'strUserName' parameter in the setUserInfoData method of the VLCPlugin control, and the input of the Open3 method in the RTSPVIDEO.rtspvideoCtrl.1 control. Strings, input strings for multiple methods (AudioRecord, Open, and Open2) in the RTSPVIDEO ActiveX control, input strings for multiple methods (setRecordPrefix, setStreamRecordData, and setConfigPath) in the IPCam.IPCamVideoRender_Plugin.1 control
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-0640",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "softcms",
"scope": null,
"trust": 5.6,
"vendor": "moxa",
"version": null
},
{
"model": "softcms",
"scope": "lte",
"trust": 1.8,
"vendor": "moxa",
"version": "1.3"
},
{
"model": "softcms",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=1.3"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-437"
},
{
"db": "ZDI",
"id": "ZDI-15-436"
},
{
"db": "ZDI",
"id": "ZDI-15-431"
},
{
"db": "ZDI",
"id": "ZDI-15-432"
},
{
"db": "ZDI",
"id": "ZDI-15-435"
},
{
"db": "ZDI",
"id": "ZDI-15-430"
},
{
"db": "ZDI",
"id": "ZDI-15-429"
},
{
"db": "ZDI",
"id": "ZDI-15-434"
},
{
"db": "CNVD",
"id": "CNVD-2015-05787"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008239"
},
{
"db": "NVD",
"id": "CVE-2015-6457"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:moxa:softcms:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.3",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6457"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Carsten Eiram - Risk Based Security",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-431"
},
{
"db": "ZDI",
"id": "ZDI-15-432"
},
{
"db": "ZDI",
"id": "ZDI-15-435"
},
{
"db": "ZDI",
"id": "ZDI-15-430"
},
{
"db": "ZDI",
"id": "ZDI-15-429"
},
{
"db": "ZDI",
"id": "ZDI-15-434"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-137"
}
],
"trust": 4.8
},
"cve": "CVE-2015-6457",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-6457",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 6.4,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2015-05787",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84418",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2015-6457",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "ZDI",
"id": "CVE-2015-6457",
"trust": 5.6,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6457",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2015-05787",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201509-137",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-84418",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-437"
},
{
"db": "ZDI",
"id": "ZDI-15-436"
},
{
"db": "ZDI",
"id": "ZDI-15-431"
},
{
"db": "ZDI",
"id": "ZDI-15-432"
},
{
"db": "ZDI",
"id": "ZDI-15-435"
},
{
"db": "ZDI",
"id": "ZDI-15-430"
},
{
"db": "ZDI",
"id": "ZDI-15-429"
},
{
"db": "ZDI",
"id": "ZDI-15-434"
},
{
"db": "CNVD",
"id": "CNVD-2015-05787"
},
{
"db": "VULHUB",
"id": "VHN-84418"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008239"
},
{
"db": "NVD",
"id": "CVE-2015-6457"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-137"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability. Moxa SoftCMS Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the setConfigPath method of the IPCam.IPCam_Video_Render_Plugin.1 control. The implementation copies the user-supplied string to a field in a heap-based buffer without validating its size, which can lead to a heap buffer overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of the process. Moxa SoftCMS is a central management software for managing large surveillance systems. Moxa SoftCMS is prone to multiple unspecified buffer-overflow vulnerabilities because it fails to properly bounds-check user supplied input. The software supports real-time video monitoring, video playback and event management, etc. The vulnerability stems from the fact that the program does not fully verify the \u0027strIP\u0027 parameter and the \u0027strUserName\u0027 parameter in the setUserInfoData method of the VLCPlugin control, and the input of the Open3 method in the RTSPVIDEO.rtspvideoCtrl.1 control. Strings, input strings for multiple methods (AudioRecord, Open, and Open2) in the RTSPVIDEO ActiveX control, input strings for multiple methods (setRecordPrefix, setStreamRecordData, and setConfigPath) in the IPCam.IPCamVideoRender_Plugin.1 control",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6457"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008239"
},
{
"db": "ZDI",
"id": "ZDI-15-437"
},
{
"db": "ZDI",
"id": "ZDI-15-436"
},
{
"db": "ZDI",
"id": "ZDI-15-431"
},
{
"db": "ZDI",
"id": "ZDI-15-432"
},
{
"db": "ZDI",
"id": "ZDI-15-435"
},
{
"db": "ZDI",
"id": "ZDI-15-430"
},
{
"db": "ZDI",
"id": "ZDI-15-429"
},
{
"db": "ZDI",
"id": "ZDI-15-434"
},
{
"db": "CNVD",
"id": "CNVD-2015-05787"
},
{
"db": "BID",
"id": "76509"
},
{
"db": "VULHUB",
"id": "VHN-84418"
}
],
"trust": 7.56
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6457",
"trust": 9.0
},
{
"db": "ICS CERT",
"id": "ICSA-15-239-01",
"trust": 3.4
},
{
"db": "ZDI",
"id": "ZDI-15-437",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-15-436",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-15-431",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-15-432",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-15-435",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-15-430",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-15-429",
"trust": 1.0
},
{
"db": "ZDI",
"id": "ZDI-15-434",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008239",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2999",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3000",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2955",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2950",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2954",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2956",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2953",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-2951",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201509-137",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-05787",
"trust": 0.6
},
{
"db": "ZDI",
"id": "ZDI-15-433",
"trust": 0.3
},
{
"db": "BID",
"id": "76509",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84418",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-437"
},
{
"db": "ZDI",
"id": "ZDI-15-436"
},
{
"db": "ZDI",
"id": "ZDI-15-431"
},
{
"db": "ZDI",
"id": "ZDI-15-432"
},
{
"db": "ZDI",
"id": "ZDI-15-435"
},
{
"db": "ZDI",
"id": "ZDI-15-430"
},
{
"db": "ZDI",
"id": "ZDI-15-429"
},
{
"db": "ZDI",
"id": "ZDI-15-434"
},
{
"db": "CNVD",
"id": "CNVD-2015-05787"
},
{
"db": "VULHUB",
"id": "VHN-84418"
},
{
"db": "BID",
"id": "76509"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008239"
},
{
"db": "NVD",
"id": "CVE-2015-6457"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-137"
}
]
},
"id": "VAR-201903-0640",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05787"
},
{
"db": "VULHUB",
"id": "VHN-84418"
}
],
"trust": 1.29090906
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-05787"
}
]
},
"last_update_date": "2023-12-18T13:23:47.744000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Moxa has issued an update to correct this vulnerability.",
"trust": 5.6,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-239-01"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.moxa.com/en/"
},
{
"title": "Patch for Moxa SoftCMS Buffer Overflow Vulnerability (CNVD-2015-05787)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/63512"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-437"
},
{
"db": "ZDI",
"id": "ZDI-15-436"
},
{
"db": "ZDI",
"id": "ZDI-15-431"
},
{
"db": "ZDI",
"id": "ZDI-15-432"
},
{
"db": "ZDI",
"id": "ZDI-15-435"
},
{
"db": "ZDI",
"id": "ZDI-15-430"
},
{
"db": "ZDI",
"id": "ZDI-15-429"
},
{
"db": "ZDI",
"id": "ZDI-15-434"
},
{
"db": "CNVD",
"id": "CNVD-2015-05787"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008239"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84418"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008239"
},
{
"db": "NVD",
"id": "CVE-2015-6457"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 9.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-239-01"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-6457"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6457"
},
{
"trust": 0.3,
"url": "http://www.moxa.com/product/softcms.htm"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-429/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-430/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-431/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-432/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-434/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-435/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-436/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-437/"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-433/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-437"
},
{
"db": "ZDI",
"id": "ZDI-15-436"
},
{
"db": "ZDI",
"id": "ZDI-15-431"
},
{
"db": "ZDI",
"id": "ZDI-15-432"
},
{
"db": "ZDI",
"id": "ZDI-15-435"
},
{
"db": "ZDI",
"id": "ZDI-15-430"
},
{
"db": "ZDI",
"id": "ZDI-15-429"
},
{
"db": "ZDI",
"id": "ZDI-15-434"
},
{
"db": "CNVD",
"id": "CNVD-2015-05787"
},
{
"db": "VULHUB",
"id": "VHN-84418"
},
{
"db": "BID",
"id": "76509"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008239"
},
{
"db": "NVD",
"id": "CVE-2015-6457"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-137"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-437"
},
{
"db": "ZDI",
"id": "ZDI-15-436"
},
{
"db": "ZDI",
"id": "ZDI-15-431"
},
{
"db": "ZDI",
"id": "ZDI-15-432"
},
{
"db": "ZDI",
"id": "ZDI-15-435"
},
{
"db": "ZDI",
"id": "ZDI-15-430"
},
{
"db": "ZDI",
"id": "ZDI-15-429"
},
{
"db": "ZDI",
"id": "ZDI-15-434"
},
{
"db": "CNVD",
"id": "CNVD-2015-05787"
},
{
"db": "VULHUB",
"id": "VHN-84418"
},
{
"db": "BID",
"id": "76509"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008239"
},
{
"db": "NVD",
"id": "CVE-2015-6457"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-137"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-437"
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-436"
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-431"
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-432"
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-435"
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-430"
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-429"
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-434"
},
{
"date": "2015-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-05787"
},
{
"date": "2019-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-84418"
},
{
"date": "2015-08-27T00:00:00",
"db": "BID",
"id": "76509"
},
{
"date": "2019-04-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-008239"
},
{
"date": "2019-03-21T20:29:00.250000",
"db": "NVD",
"id": "CVE-2015-6457"
},
{
"date": "2015-09-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-137"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-437"
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-436"
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-431"
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-432"
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-435"
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-430"
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-429"
},
{
"date": "2015-09-08T00:00:00",
"db": "ZDI",
"id": "ZDI-15-434"
},
{
"date": "2015-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-05787"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-84418"
},
{
"date": "2015-11-03T19:14:00",
"db": "BID",
"id": "76509"
},
{
"date": "2019-04-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-008239"
},
{
"date": "2019-10-09T23:14:58.210000",
"db": "NVD",
"id": "CVE-2015-6457"
},
{
"date": "2019-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-137"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-137"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moxa SoftCMS Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-008239"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-137"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-137"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…