1. Home
  2. CVE Database
  3. CVE-2014-0789
MEDIUM · 5.0

CVE-2014-0789

Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier, TLXCDLUOFS3...

Vulnerability Description

Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier, TLXCDLUOFS33 3.5 and earlier, TLXCDLTOFS33 3.5 and earlier, and TLXCDLFOFS33 3.5 and earlier allow remote attackers to cause a denial of service via long arguments to unspecified functions.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:N/A:P
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL

Affected Products

VendorProductVersions
Schneider-ElectricOpc Factory Server Tlxcdlfofs<= 3.35
Schneider-ElectricOpc Factory Server Tlxcdltofs<= 3.35
Schneider-ElectricOpc Factory Server Tlxcdluofs<= 3.35
Schneider-ElectricOpc Factory Server Tlxcdstofs<= 3.35
Schneider-ElectricOpc Factory Server Tlxcdsuofs<= 3.35

Related Weaknesses (CWE)

CWE-122CWE-119

References

FAQ

What is CVE-2014-0789?

CVE-2014-0789 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier, TLXCDLUOFS3...

How severe is CVE-2014-0789?

CVE-2014-0789 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-0789?

Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Opc Factory Server Tlxcdlfofs, Schneider-Electric Opc Factory Server Tlxcdltofs, Schneider-Electric Opc Factory Server Tlxcdluofs, Schneider-Electric Opc Factory Server Tlxcdstofs, Schneider-Electric Opc Factory Server Tlxcdsuofs.