CVE-2014-3888: Buffer Overflow
First published: Thu Jul 10 2014(Updated: )
Stack-based buffer overflow in BKFSim_vhfd.exe in Yokogawa CENTUM CS 1000, CENTUM CS 3000 R3.09.50 and earlier, CENTUM VP R5.03.20 and earlier, Exaopc R3.72.00 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier, when FCS/Test Function is enabled, allows remote attackers to execute arbitrary code via a crafted packet.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Yokogawa Exaopc | <=3.72.00 | |
| Yokogawa Exaopc | =3.71.02 | |
| Yokogawa B\/m9000cs Software | <=5.05.01 | |
| Yokogawa B\/m9000cs | ||
| Yokogawa Centum Vp Entry Class Software | <=5.03.00 | |
| Yokogawa Centum Vp Entry Class | ||
| Yokogawa Centum Vp Software | <=5.03.20 | |
| Yokogawa Centum Vp Software | =4.03.00 | |
| Yokogawa Centum Vp | ||
| Yokogawa B\/m9000 Vp Software | <=7.03.01 | |
| Yokogawa B\/m9000 Vp | ||
| Yokogawa CENTUM CS 3000 | =r3.01 | |
| Yokogawa CENTUM CS 3000 | =r3.02 | |
| Yokogawa CENTUM CS 3000 | =r3.03 | |
| Yokogawa CENTUM CS 3000 | =r3.04 | |
| Yokogawa CENTUM CS 3000 | =r3.05 | |
| Yokogawa CENTUM CS 3000 | =r3.06 | |
| Yokogawa CENTUM CS 3000 | =r3.07 | |
| Yokogawa CENTUM CS 3000 | =r3.08 | |
| Yokogawa CENTUM CS 3000 | =r3.08.50 | |
| Yokogawa CENTUM CS 3000 | =r3.08.70 | |
| Yokogawa CENTUM CS 3000 | =r3.09 | |
| Yokogawa CENTUM CS 3000 | =r3.09.50 | |
| Yokogawa Centum Cs 3000 Software | <=2.23.00 | |
| Yokogawa CENTUM CS 3000 | ||
| Yokogawa Centum Cs 1000 Software | ||
| Yokogawa CENTUM CS 1000 | ||
| Yokogawa Centum Cs 3000 Entry Class Software | <=3.09.50 | |
| Yokogawa Centum Cs 3000 Entry Class |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/type
- agent/description
- agent/tags
- agent/event
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/yokogawa
- canonical/yokogawa exaopc
- version/yokogawa exaopc/3.72.00
- version/yokogawa exaopc/3.71.02
- canonical/yokogawa b\/m9000cs software
- version/yokogawa b\/m9000cs software/5.05.01
- canonical/yokogawa b\/m9000cs
- canonical/yokogawa centum vp entry class software
- version/yokogawa centum vp entry class software/5.03.00
- canonical/yokogawa centum vp entry class
- canonical/yokogawa centum vp software
- version/yokogawa centum vp software/5.03.20
- version/yokogawa centum vp software/4.03.00
- canonical/yokogawa centum vp
- canonical/yokogawa b\/m9000 vp software
- version/yokogawa b\/m9000 vp software/7.03.01
- canonical/yokogawa b\/m9000 vp
- canonical/yokogawa centum cs 3000
- version/yokogawa centum cs 3000/r3.01
- version/yokogawa centum cs 3000/r3.02
- version/yokogawa centum cs 3000/r3.03
- version/yokogawa centum cs 3000/r3.04
- version/yokogawa centum cs 3000/r3.05
- version/yokogawa centum cs 3000/r3.06
- version/yokogawa centum cs 3000/r3.07
- version/yokogawa centum cs 3000/r3.08
- version/yokogawa centum cs 3000/r3.08.50
- version/yokogawa centum cs 3000/r3.08.70
- version/yokogawa centum cs 3000/r3.09
- version/yokogawa centum cs 3000/r3.09.50
- canonical/yokogawa centum cs 3000 software
- version/yokogawa centum cs 3000 software/2.23.00
- canonical/yokogawa centum cs 1000 software
- canonical/yokogawa centum cs 1000
- canonical/yokogawa centum cs 3000 entry class software
- version/yokogawa centum cs 3000 entry class software/3.09.50
- canonical/yokogawa centum cs 3000 entry class