Vulnerability Description
Stack-based buffer overflow in Hospira LifeCare PCA Infusion System 5.0 and earlier, and possibly other versions, allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hospira | Lifecare Pcainfusion Firmware | <= 5.0 |
| Hospira | Lifecare Pca3 | - |
| Hospira | Lifecare Pca5 | - |
Related Weaknesses (CWE)
References
- http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htmThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/75132
- https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01BThird Party AdvisoryUS Government Resource
- http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htmThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/75132
- https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01BThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2015-3955?
CVE-2015-3955 is a vulnerability with a CVSS score of 10.0 (HIGH). Stack-based buffer overflow in Hospira LifeCare PCA Infusion System 5.0 and earlier, and possibly other versions, allows remote attackers to execute arbitrary code via unspecified vectors.
How severe is CVE-2015-3955?
CVE-2015-3955 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-3955?
Check the references section above for vendor advisories and patch information. Affected products include: Hospira Lifecare Pcainfusion Firmware, Hospira Lifecare Pca3, Hospira Lifecare Pca5.