CVE-2014-9451

VDG Security SENSE 2.3.13 - Remote Code Execution via AuthenticateUser Request

Title source: llm
STIX 2.1

Description

Multiple stack-based buffer overflows in the DIVA web service API (/webservice) in VDG Security SENSE (formerly DIVA) 2.3.13 allow remote attackers to execute arbitrary code via the (1) user or (2) password parameter in an AuthenticateUser request.

Scores

EPSS 0.0464
EPSS Percentile 90.6%

Details

CWE
CWE-119
Status published
Products (1)
vdgsecurity/vdg_sense 2.3.13
Published Jan 02, 2015
Tracked Since Feb 18, 2026