CVE-2019-3946
Description
Fuji Electric V-Server before 6.0.33.0 is vulnerable to denial of service via a crafted UDP message sent to port 8005. An unauthenticated, remote attacker can crash vserver.exe due to an integer overflow in the UDP message handling logic.
References
ExploitThird Party Advisory
Third Party Advisory
CvssV3 impact
BaseSeverity | HIGH |
ConfidentialityImpact | NONE |
AttackComplexity | LOW |
Scope | UNCHANGED |
AttackVector | NETWORK |
AvailabilityImpact | HIGH |
IntegrityImpact | NONE |
PrivilegesRequired | NONE |
BaseScore | 7.5 |
VectorString | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Version | 3.0 |
UserInteraction | NONE |
CvssV2 impact
Version | 2.0 |
VectorString | AV:N/AC:L/Au:N/C:N/I:N/A:P |
AccessVector | NETWORK |
AccessComplexity | LOW |
Authentication | NONE |
ConfidentialityImpact | NONE |
IntegrityImpact | NONE |
AvailabilityImpact | PARTIAL |
BaseScore | 5 |