Medcin Engine
CVE-2015-6006
HIGH
Severity by source
AV:N/AC:L/Au:N/C:P/I:P/A:P
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:N/AC:L/Au:N/C:P/I:P/A:P
Lifecycle Timeline
1DescriptionCVE.org
The AddUserFinding implementation in Medicomp MEDCIN Engine 2.22.20153.x before 2.22.20153.226 might allow remote attackers to execute arbitrary code or cause a denial of service (integer truncation and heap-based buffer overflow) via a crafted packet on port 8190.
AnalysisAI
The AddUserFinding implementation in Medicomp MEDCIN Engine 2.22.20153.x before 2.22.20153.226 might allow remote attackers to execute arbitrary code or cause a denial of service (integer truncation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 18.7% and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. The AddUserFinding implementation in Medicomp MEDCIN Engine 2.22.20153.x before 2.22.20153.226 might allow remote attackers to execute arbitrary code or cause a denial of service (integer truncation and heap-based buffer overflow) via a crafted packet on port 8190. Affected products include: Medicomp Medcin Engine. Version information: before 2.22.20153.226.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.
More in Medcin Engine
View allMultiple stack-based buffer overflows in Medicomp MEDCIN Engine 2.22.20142.166 might allow remote attackers to execute a
Multiple stack-based buffer overflows in Medicomp MEDCIN Engine before 2.22.20153.226 might allow remote attackers to ex
The AddUserFinding add_userfinding2 function in Medicomp MEDCIN Engine before 2.22.20153.226 allows remote attackers to
Heap-based buffer overflow in the QualifierList retrieve_qualifier_list function in Medicomp MEDCIN Engine before 2.22.2
Same weakness CWE-119 – Buffer Overflow
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today