CVE-2013-2808

Philips Xper Information Management - Heap-based Buffer Overflow via Crafted HTTP Request

Title source: llm
STIX 2.1

Description

Heap-based buffer overflow in Xper in Philips Xper Information Management Physiomonitoring 5 components, Xper Information Management Vascular Monitoring 5 components, and Xper Information Management servers and workstations for Flex Cardio products before XperConnect 1.5.4.053 SP2 allows remote attackers to execute arbitrary code via a crafted HTTP request to the Connect broker on TCP port 6000.

References (1)

Core 1
Core References
US Government Resource x_refsource_misc
http://ics-cert.us-cert.gov/advisories/ICSA-13-277-01

Scores

EPSS 0.0435
EPSS Percentile 90.1%

Details

CWE
CWE-119
Status published
Products (4)
philips/xper_flex_cardio
philips/xper_information_management_physiomonitoring_5
philips/xper_information_management_vascular_monitoring_5
philips/xperconnect < 1.5.4.053
Published Oct 05, 2013
Tracked Since Feb 18, 2026