CVE-2013-2808
Philips Xper Information Management - Heap-based Buffer Overflow via Crafted HTTP Request
Title source: llmDescription
Heap-based buffer overflow in Xper in Philips Xper Information Management Physiomonitoring 5 components, Xper Information Management Vascular Monitoring 5 components, and Xper Information Management servers and workstations for Flex Cardio products before XperConnect 1.5.4.053 SP2 allows remote attackers to execute arbitrary code via a crafted HTTP request to the Connect broker on TCP port 6000.
References (1)
Core 1
Core References
US Government Resource x_refsource_misc
http://ics-cert.us-cert.gov/advisories/ICSA-13-277-01
Scores
EPSS
0.0435
EPSS Percentile
90.1%
Details
CWE
CWE-119
Status
published
Products (4)
philips/xper_flex_cardio
philips/xper_information_management_physiomonitoring_5
philips/xper_information_management_vascular_monitoring_5
philips/xperconnect
< 1.5.4.053
Published
Oct 05, 2013
Tracked Since
Feb 18, 2026