CVE-2019-9865

When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specially crafted RPC request can trigger an integer overflow leading to an out-of-bounds memory copy. It may allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*
cpe:2.3:o:windriver:vxworks:6.6:*:*:*:*:*:*:*
cpe:2.3:o:windriver:vxworks:6.7:*:*:*:*:*:*:*
cpe:2.3:o:windriver:vxworks:6.8:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-05-29 17:29

Updated : 2024-02-28 17:08


NVD link : CVE-2019-9865

Mitre link : CVE-2019-9865

CVE.ORG link : CVE-2019-9865


JSON object : View

Products Affected

windriver

  • vxworks
CWE
CWE-190

Integer Overflow or Wraparound