11 matches found
EUVD-2014-9017
Malware in sbrugna...
Trihedral Engineering Limited VTScada DLL Hijacking Vulnerability
VTScada is a SCADA system from Trihedral Engineering, Canada, based on a Windows platform with a Web interface option. Trihedral Engineering Limited VTScada suffers from a DLL hijacking vulnerability that could allow an attacker to cause the program to execute a specially crafted malicious dll fi...
Trihedral Engineering Limited VTScada Unauthorized Access Vulnerability
VTScada is a SCADA system from Trihedral Engineering, Canada, based on a Windows platform with a Web interface option. An unauthorized access vulnerability exists in Trihedral Engineering Limited VTScada, which allows a local, non-administrative user to read and write to the file system of the...
Trihedral Engineering Limited VTScada
CVSS v3 7.8 ATTENTION: Low skill level to exploit. Vendor: Trihedral Engineering Limited Equipment: VTScada Vulnerabilities: Improper Access Control, Uncontrolled Search Path Element AFFECTED PRODUCTS Trihedral Engineering Limited reports that the vulnerability affects the following versions of t...
Trihedral Engineering Limited VTScada
CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Trihedral Engineering Limited Equipment: VTScada Vulnerability: Resource Consumption, Cross-Site Scripting, Information Exposure AFFECTED PRODUCTS The following versions of VTScada, an HMI SCADA software, are affected...
Trihedral Engineering Limited VTScada Vulnerabilities
OVERVIEW An anonymous researcher has identified several vulnerabilities in Trihedral Engineering Ltd.’s Trihedral VTScada and reported them to Zero Day Initiative ZDI, which reported them to NCCIC/ICS-CERT. Trihedral Engineering Ltd. has produced a new version to mitigate these vulnerabilities...
Network Time Protocol Vulnerabilities (Supplement Update A)
OVERVIEW --------- Begin Update A Part 1 of 2 -------- This advisory supplement is to accompany the NCCIC/ICS-CERT advisory titled ICSA-14-353-01C Network Time Protocol Vulnerabilities that was published February 5, 2015, on the ICS‑CERT web site. --------- End Update A Part 1 of 2 ----------...
Integer overflow
Integer overflow in Trihedral Engineering VTScada formerly VTS 6.5 through 9.x before 9.1.20, 10.x before 10.2.22, and 11.x before 11.1.07 allows remote attackers to cause a denial of service server crash via a crafted request, which triggers a large memory allocation...
CVE-2014-9192 Trihedral Engineering Limited VTScada Integer Overflow
Integer overflow in Trihedral Engineering VTScada formerly VTS 6.5 through 9.x before 9.1.20, 10.x before 10.2.22, and 11.x before 11.1.07 allows remote attackers to cause a denial of service server crash via a crafted request, which triggers a large memory allocation...
CVE-2014-9192
CVE-2014-9192 is a concrete integer-overflow vulnerability in Trihedral VTScada (formerly VTS) HTTP server. The flaw allows remote attackers to trigger an enormous memory allocation by sending crafted requests (notably with problematic Content-Length handling), causing the VTScada server to crash...
Trihedral Engineering Limited VTScada Integer Overflow Vulnerability
OVERVIEW An anonymous researcher working with HP’s Zero Day Initiative has identified an integer overflow vulnerability in Trihedral Engineering Ltd’s VTScada application. Trihedral Engineering Limited has produced a patch that mitigates this vulnerability. This vulnerability could be exploited...