var-201809-0093
Vulnerability from variot
Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests. OPC UA The application contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. OPC UA applications is a platform-independent service-oriented unified architecture application from the OPC (OLE for Process Control) Foundation. SAP Plant Connectivity is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause denial-of-service conditions, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-4359-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2018 https://www.debian.org/security/faq
Package : wireshark CVE ID : CVE-2018-12086 CVE-2018-18225 CVE-2018-18226 CVE-2018-18227 CVE-2018-19622 CVE-2018-19623 CVE-2018-19624 CVE-2018-19625 CVE-2018-19626 CVE-2018-19627 CVE-2018-19628
Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code.
For the stable distribution (stretch), these problems have been fixed in version 2.6.5-1~deb9u1.
We recommend that you upgrade your wireshark packages.
For the detailed security status of wireshark please refer to its security tracker page at: https://security-tracker.debian.org/tracker/wireshark
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlwk6BkACgkQEMKTtsN8 TjZeQg//epVGPGld0oOwn+9I3rD4C0GZMKOCtHW7xR5x+YKMntG7VzLAcSv33EEi hDj2V0ZFr8NIWab0qtTun4BQMMZ7J80hy//hFr9OcAu1apdG38KW0drMG2/sBBL8 HH6ndYLgrtxqbtmqNBxPrabq+Fj01jlCwTmrd9ig0/ZQOSlRbfM+Snfjxpmwlsgl x8ZoWi9TPD+ILZe2V6m4w81aR6FF3e540W6ADAJ233gpJbQ5mHvOlX1tJzPDTQOe 8KqGZ4FhYan7wO6u41gRHCtqMEymh1LRc+zTzeow9jNs7u83GRMT4bqerCkVKI3W JPr1+EbYNyZApWYzeigomGQSXiTMKvURm1NxevhhZW81y0xJgHS7q7gsvu1zitQl hUqA9r/F74Ts6uru+ubknk1OeA0UrY/ZXVMZUgsYAZ4vFvcvPzK2gqZoBMI0tAy5 PxAnScxMalJA8faUsjl/0O5URG/Sv0MKzLo9hexog7dE/vH0j5iuZqbhT7UDmvdL B2l7XwVlZCKI5pLgNhCqBSxf3mL7sr/wzpPF2YYuFGTGQ+doTy6C9GL1Z/J/087w Hbd7i5Pnu+GM+SXswSIsDNsq4fMYHrBJvJz+w2YWImdKuR9+fKSPAtdto/id5t9m s61uMXB9ul+5H0pw19otWQUvJog5qcCrTFLEe5F+CMUJDjWDqrY=xlYz -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201809-0093", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "linux", scope: "eq", trust: 1.6, vendor: "debian", version: "9.0", }, { model: "unified architecture-java", scope: "lte", trust: 1, vendor: "opcfoundation", version: "1.03.343", }, { model: "unified architecture-.net-legacy", scope: "lte", trust: 1, vendor: "opcfoundation", version: "1.03.342", }, { model: "unified architecture .net-standard", scope: "lte", trust: 1, vendor: "opcfoundation", version: "1.03.352.12", }, { model: "unified architecture ansic", scope: "lte", trust: 1, vendor: "opcfoundation", version: "1.03.340", }, { model: "gnu/linux", scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: "ua-.net-legacy", scope: null, trust: 0.8, vendor: "opc", version: null, }, { model: "ua-.netstandard", scope: null, trust: 0.8, vendor: "opc", version: null, }, { model: "ua-ansic", scope: null, trust: 0.8, vendor: "opc", version: null, }, { model: "ua-java", scope: null, trust: 0.8, vendor: "opc", version: null, }, { model: "ua application", scope: null, trust: 0.6, vendor: "opc", version: null, }, { model: "wireshark", scope: "eq", trust: 0.3, vendor: "wireshark", version: "2.6.3", }, { model: "wireshark", scope: "eq", trust: 0.3, vendor: "wireshark", version: "2.6.2", }, { model: "wireshark", scope: "eq", trust: 0.3, vendor: "wireshark", version: "2.6.1", }, { model: "wireshark", scope: "eq", trust: 0.3, vendor: "wireshark", version: "2.6", }, { model: "wireshark", scope: "eq", trust: 0.3, vendor: "wireshark", version: "2.4.9", }, { model: "wireshark", scope: "eq", trust: 0.3, vendor: "wireshark", version: "2.4.8", }, { model: "wireshark", scope: "eq", trust: 0.3, vendor: "wireshark", version: "2.4.7", }, { model: "wireshark", scope: "eq", trust: 0.3, vendor: "wireshark", version: "2.4.6", }, { model: "wireshark", scope: "eq", trust: 0.3, vendor: "wireshark", version: "2.4.5", }, { model: "wireshark", scope: "eq", trust: 0.3, vendor: "wireshark", version: "2.4.4", }, { model: "wireshark", scope: "eq", trust: 0.3, vendor: "wireshark", version: "2.4.3", }, { model: "wireshark", scope: "eq", trust: 0.3, vendor: "wireshark", version: "2.4.1", }, { model: "wireshark", scope: "eq", trust: 0.3, vendor: "wireshark", version: "2.4", }, { model: "wireshark", scope: "eq", trust: 0.3, vendor: "wireshark", version: "2.2.6", }, { model: "wireshark", scope: "eq", trust: 0.3, vendor: "wireshark", version: "2.4.2", }, { model: "plant connectivity", scope: "eq", trust: 0.3, vendor: "sap", version: "15.2", }, { model: "plant connectivity", scope: "eq", trust: 0.3, vendor: "sap", version: "15.1", }, { model: "plant connectivity", scope: "eq", trust: 0.3, vendor: "sap", version: "15.0", }, { model: "wireshark", scope: "ne", trust: 0.3, vendor: "wireshark", version: "2.6.4", }, { model: "wireshark", scope: "ne", trust: 0.3, vendor: "wireshark", version: "2.4.10", }, { model: null, scope: "eq", trust: 0.2, vendor: "unified architecture net legacy", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "unified architecture java", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "unified architecture net standard", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "unified architecture ansic", version: "*", }, { model: null, scope: "eq", trust: 0.2, vendor: "debian linux", version: "9.0", }, ], sources: [ { db: "IVD", id: "e2fad12e-39ab-11e9-a54a-000c29342cb1", }, { db: "CNVD", id: "CNVD-2018-19099", }, { db: "BID", id: "105538", }, { db: "JVNDB", id: "JVNDB-2018-013611", }, { db: "CNNVD", id: "CNNVD-201809-732", }, { db: "NVD", id: "CVE-2018-12086", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:debian:debian_linux", vulnerable: true, }, { cpe22Uri: "cpe:/a:opcfoundation:unified_architecture-.net-legacy", vulnerable: true, }, { cpe22Uri: "cpe:/a:opcfoundation:unified_architecture_.net-standard", vulnerable: true, }, { cpe22Uri: "cpe:/a:opcfoundation:unified_architecture_ansic", vulnerable: true, }, { cpe22Uri: "cpe:/a:opcfoundation:unified_architecture-java", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2018-013611", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "SAP", sources: [ { db: "BID", id: "105538", }, ], trust: 0.3, }, cve: "CVE-2018-12086", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2018-12086", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2018-19099", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "IVD", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "e2fad12e-39ab-11e9-a54a-000c29342cb1", impactScore: 6.9, integrityImpact: "NONE", severity: "HIGH", trust: 0.2, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.9 [IVD]", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2018-12086", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2018-12086", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2018-12086", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2018-19099", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201809-732", trust: 0.6, value: "HIGH", }, { author: "IVD", id: "e2fad12e-39ab-11e9-a54a-000c29342cb1", trust: 0.2, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2018-12086", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "IVD", id: "e2fad12e-39ab-11e9-a54a-000c29342cb1", }, { db: "CNVD", id: "CNVD-2018-19099", }, { db: "VULMON", id: "CVE-2018-12086", }, { db: "JVNDB", id: "JVNDB-2018-013611", }, { db: "CNNVD", id: "CNNVD-201809-732", }, { db: "NVD", id: "CVE-2018-12086", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests. OPC UA The application contains a buffer error vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. OPC UA applications is a platform-independent service-oriented unified architecture application from the OPC (OLE for Process Control) Foundation. SAP Plant Connectivity is prone to multiple denial-of-service vulnerabilities. \nAttackers can exploit these issues to cause denial-of-service conditions, denying service to legitimate users. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4359-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nDecember 27, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : wireshark\nCVE ID : CVE-2018-12086 CVE-2018-18225 CVE-2018-18226\n CVE-2018-18227 CVE-2018-19622 CVE-2018-19623\n\t\t CVE-2018-19624 CVE-2018-19625 CVE-2018-19626\n\t\t CVE-2018-19627 CVE-2018-19628\n\nMultiple vulnerabilities have been discovered in Wireshark, a network\nprotocol analyzer, which could result in denial of service or the\nexecution of arbitrary code. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 2.6.5-1~deb9u1. \n\nWe recommend that you upgrade your wireshark packages. \n\nFor the detailed security status of wireshark please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/wireshark\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlwk6BkACgkQEMKTtsN8\nTjZeQg//epVGPGld0oOwn+9I3rD4C0GZMKOCtHW7xR5x+YKMntG7VzLAcSv33EEi\nhDj2V0ZFr8NIWab0qtTun4BQMMZ7J80hy//hFr9OcAu1apdG38KW0drMG2/sBBL8\nHH6ndYLgrtxqbtmqNBxPrabq+Fj01jlCwTmrd9ig0/ZQOSlRbfM+Snfjxpmwlsgl\nx8ZoWi9TPD+ILZe2V6m4w81aR6FF3e540W6ADAJ233gpJbQ5mHvOlX1tJzPDTQOe\n8KqGZ4FhYan7wO6u41gRHCtqMEymh1LRc+zTzeow9jNs7u83GRMT4bqerCkVKI3W\nJPr1+EbYNyZApWYzeigomGQSXiTMKvURm1NxevhhZW81y0xJgHS7q7gsvu1zitQl\nhUqA9r/F74Ts6uru+ubknk1OeA0UrY/ZXVMZUgsYAZ4vFvcvPzK2gqZoBMI0tAy5\nPxAnScxMalJA8faUsjl/0O5URG/Sv0MKzLo9hexog7dE/vH0j5iuZqbhT7UDmvdL\nB2l7XwVlZCKI5pLgNhCqBSxf3mL7sr/wzpPF2YYuFGTGQ+doTy6C9GL1Z/J/087w\nHbd7i5Pnu+GM+SXswSIsDNsq4fMYHrBJvJz+w2YWImdKuR9+fKSPAtdto/id5t9m\ns61uMXB9ul+5H0pw19otWQUvJog5qcCrTFLEe5F+CMUJDjWDqrY=xlYz\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2018-12086", }, { db: "JVNDB", id: "JVNDB-2018-013611", }, { db: "CNVD", id: "CNVD-2018-19099", }, { db: "BID", id: "105538", }, { db: "IVD", id: "e2fad12e-39ab-11e9-a54a-000c29342cb1", }, { db: "VULMON", id: "CVE-2018-12086", }, { db: "PACKETSTORM", id: "150933", }, ], trust: 2.79, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2018-12086", trust: 3.7, }, { db: "BID", id: "105538", trust: 2, }, { db: "SECTRACK", id: "1041909", trust: 1.7, }, { db: "CNVD", id: "CNVD-2018-19099", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201809-732", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2018-013611", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2019.1374", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0926", trust: 0.6, }, { db: "IVD", id: "E2FAD12E-39AB-11E9-A54A-000C29342CB1", trust: 0.2, }, { db: "VULMON", id: "CVE-2018-12086", trust: 0.1, }, { db: "PACKETSTORM", id: "150933", trust: 0.1, }, ], sources: [ { db: "IVD", id: "e2fad12e-39ab-11e9-a54a-000c29342cb1", }, { db: "CNVD", id: "CNVD-2018-19099", }, { db: "VULMON", id: "CVE-2018-12086", }, { db: "BID", id: "105538", }, { db: "JVNDB", id: "JVNDB-2018-013611", }, { db: "PACKETSTORM", id: "150933", }, { db: "CNNVD", id: "CNNVD-201809-732", }, { db: "NVD", id: "CVE-2018-12086", }, ], }, id: "VAR-201809-0093", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "IVD", id: "e2fad12e-39ab-11e9-a54a-000c29342cb1", }, { db: "CNVD", id: "CNVD-2018-19099", }, ], trust: 1.2333333400000002, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "ICS", ], sub_category: null, trust: 0.8, }, ], sources: [ { db: "IVD", id: "e2fad12e-39ab-11e9-a54a-000c29342cb1", }, { db: "CNVD", id: "CNVD-2018-19099", }, ], }, last_update_date: "2024-11-23T20:09:38.362000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "DSA-4359", trust: 0.8, url: "https://www.debian.org/security/2018/dsa-4359", }, { title: "Security Update for the OPC UA Stacks", trust: 0.8, url: "http://bugs.exim.org/show_bug.cgi?id=1106", }, { title: "Red Hat: CVE-2018-12086", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2018-12086", }, { title: "Arch Linux Issues: ", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2018-12086", }, { title: "Arch Linux Advisories: [ASA-201810-9] wireshark-cli: multiple issues", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201810-9", }, { title: "Debian Security Advisories: DSA-4359-1 wireshark -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=d02db3d90f5567537307b18cce9fba2b", }, { title: "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2018", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=2196fa008592287290cbd6678fbe10d4", }, { title: "IBM: IBM Security Bulletin: Vyatta 5600 vRouter Software Patches – Release 1801-v", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=413b5f9466c1ebf3ab090a45e189b43e", }, { title: "stack-overflow-poc", trust: 0.1, url: "https://github.com/kevinherron/stack-overflow-poc ", }, { title: "CVE-POC", trust: 0.1, url: "https://github.com/0xT11/CVE-POC ", }, { title: "PoC-in-GitHub", trust: 0.1, url: "https://github.com/nomi-sec/PoC-in-GitHub ", }, ], sources: [ { db: "VULMON", id: "CVE-2018-12086", }, { db: "JVNDB", id: "JVNDB-2018-013611", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1, }, { problemtype: "CWE-119", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2018-013611", }, { db: "NVD", id: "CVE-2018-12086", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://opcfoundation-onlineapplications.org/faq/securitybulletins/opc_foundation_security_bulletin_cve-2018-12086.pdf", }, { trust: 1.7, url: "http://www.securityfocus.com/bid/105538", }, { trust: 1.7, url: "http://www.securitytracker.com/id/1041909", }, { trust: 1.7, url: "https://www.debian.org/security/2018/dsa-4359", }, { trust: 1.7, url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html", }, { trust: 0.9, url: "https://nvd.nist.gov/vuln/detail/cve-2018-12086", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12086", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0926/", }, { trust: 0.6, url: "http://www.ibm.com/support/docview.wss?uid=ibm10881778", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/79514", }, { trust: 0.3, url: "http://www.sap.com", }, { trust: 0.3, url: "https://launchpad.support.sap.com/#/notes/2674215", }, { trust: 0.3, url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=500633095", }, { trust: 0.3, url: "https://www.wireshark.org/security/wnpa-sec-2018-50.html", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://tools.cisco.com/security/center/viewalert.x?alertid=59045", }, { trust: 0.1, url: "https://github.com/kevinherron/stack-overflow-poc", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-19625", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-19628", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-18227", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-19624", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-19623", }, { trust: 0.1, url: "https://www.debian.org/security/faq", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-18226", }, { trust: 0.1, url: "https://www.debian.org/security/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-19622", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-19626", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-19627", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/wireshark", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-18225", }, ], sources: [ { db: "CNVD", id: "CNVD-2018-19099", }, { db: "VULMON", id: "CVE-2018-12086", }, { db: "BID", id: "105538", }, { db: "JVNDB", id: "JVNDB-2018-013611", }, { db: "PACKETSTORM", id: "150933", }, { db: "CNNVD", id: "CNNVD-201809-732", }, { db: "NVD", id: "CVE-2018-12086", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "IVD", id: "e2fad12e-39ab-11e9-a54a-000c29342cb1", }, { db: "CNVD", id: "CNVD-2018-19099", }, { db: "VULMON", id: "CVE-2018-12086", }, { db: "BID", id: "105538", }, { db: "JVNDB", id: "JVNDB-2018-013611", }, { db: "PACKETSTORM", id: "150933", }, { db: "CNNVD", id: "CNNVD-201809-732", }, { db: "NVD", id: "CVE-2018-12086", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2018-09-18T00:00:00", db: "IVD", id: "e2fad12e-39ab-11e9-a54a-000c29342cb1", }, { date: "2018-09-18T00:00:00", db: "CNVD", id: "CNVD-2018-19099", }, { date: "2018-09-14T00:00:00", db: "VULMON", id: "CVE-2018-12086", }, { date: "2018-10-09T00:00:00", db: "BID", id: "105538", }, { date: "2019-02-26T00:00:00", db: "JVNDB", id: "JVNDB-2018-013611", }, { date: "2018-12-28T21:54:04", db: "PACKETSTORM", id: "150933", }, { date: "2018-09-17T00:00:00", db: "CNNVD", id: "CNNVD-201809-732", }, { date: "2018-09-14T21:29:03.583000", db: "NVD", id: "CVE-2018-12086", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2018-09-18T00:00:00", db: "CNVD", id: "CNVD-2018-19099", }, { date: "2020-08-24T00:00:00", db: "VULMON", id: "CVE-2018-12086", }, { date: "2018-10-16T14:00:00", db: "BID", id: "105538", }, { date: "2019-02-26T00:00:00", db: "JVNDB", id: "JVNDB-2018-013611", }, { date: "2020-08-25T00:00:00", db: "CNNVD", id: "CNNVD-201809-732", }, { date: "2024-11-21T03:44:33.930000", db: "NVD", id: "CVE-2018-12086", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201809-732", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "OPC UA Application buffer error vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2018-013611", }, { db: "CNNVD", id: "CNNVD-201809-732", }, ], trust: 1.4, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Buffer error", sources: [ { db: "IVD", id: "e2fad12e-39ab-11e9-a54a-000c29342cb1", }, { db: "CNNVD", id: "CNNVD-201809-732", }, ], trust: 0.8, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.