CVE-2014-6598

Oracle Communications <5.0 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-6598. PoCs published by KPN-CISO.

AI-analyzed exploit summary This is a detailed writeup by KPN CISO REDteam describing a stack buffer overflow vulnerability (CVE-2014-6598) in Oracle Diameter Signalling Router (DSR) version 5.0. The document explains the technical details of the exploit, including bypassing ASLR and NX protections using ROP techniques.

Description

Unspecified vulnerability in the Oracle Communications Diameter Signaling Router component in Oracle Communications Applications 3.x, 4.x, and 5.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Signaling - DPI.

Exploits (1)

nomisec WRITEUP 14 stars
by KPN-CISO · poc
https://github.com/KPN-CISO/DRA_writeup

This is a detailed writeup by KPN CISO REDteam describing a stack buffer overflow vulnerability (CVE-2014-6598) in Oracle Diameter Signalling Router (DSR) version 5.0. The document explains the technical details of the exploit, including bypassing ASLR and NX protections using ROP techniques.

Classification
Writeup 100%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: Oracle Diameter Signalling Router (DSR) version 5.0
No auth needed
Prerequisites: Access to the IPX network · Ability to send crafted Diameter messages to the DSR
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1031590

Scores

EPSS 0.0454
EPSS Percentile 90.4%

Details

Status published
Products (3)
oracle/communications_applications 3.0
oracle/communications_applications 4.0
oracle/communications_applications 5.0
Published Jan 21, 2015
Tracked Since Feb 18, 2026