CVE-2014-9205

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.promotic.eu/en/pmdoc/News.htm", "name": "http://www.promotic.eu/en/pmdoc/News.htm", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-062-01", "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-062-01", "tags": ["Third Party Advisory", "US Government Resource"], "refsource": "MISC"}, {"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-091/", "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-091/", "tags": [], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Stack-based buffer overflow in the PmBase64Decode function in an unspecified demonstration application in MICROSYS PROMOTIC stable before 8.2.19 and PROMOTIC development before 8.3.2 allows remote attackers to execute arbitrary code by providing a large amount of data."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2014-9205", "ASSIGNER": "ics-cert@hq.dhs.gov"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2015-03-29T10:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsys:promotic:*:*:*:*:development:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "8.3.1"}, {"cpe23Uri": "cpe:2.3:a:microsys:promotic:*:*:*:*:stable:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "8.2.18"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2015-03-30T18:46Z"}