Sign-up

ID

VAR-201403-0456


CVE

CVE-2014-0879


TITLE

IBM Datacap Taskmaster Capture Vulnerable to stack-based buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2014-001760

DESCRIPTION

Stack-based buffer overflow in the Taskmaster Capture ActiveX control in IBM Datacap Taskmaster Capture 8.0.1, and 8.1 before FP2, allows remote attackers to execute arbitrary code via unspecified vectors. The impact of this issue is currently unknown. We will update this BID when more information emerges. IBM Datacap Taskmaster Capture 8.0.1 is vulnerable

Trust: 1.89

sources: NVD: CVE-2014-0879 // JVNDB: JVNDB-2014-001760 // BID: 66184

AFFECTED PRODUCTS

vendor:ibmmodel:datacap taskmaster capturescope:eqversion:8.0.1

Trust: 2.7

vendor:ibmmodel:datacap taskmaster capturescope:eqversion:8.1

Trust: 1.6

vendor:ibmmodel:datacap taskmaster capturescope:ltversion:8.1

Trust: 0.8

vendor:ibmmodel:datacap taskmaster capturescope:eqversion:8.1 fp2

Trust: 0.8

vendor:ibmmodel:datacap taskmaster capturescope:neversion:8.1

Trust: 0.3

sources: BID: 66184 // JVNDB: JVNDB-2014-001760 // CNNVD: CNNVD-201403-400 // NVD: CVE-2014-0879

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-0879
value: HIGH

Trust: 1.0

NVD: CVE-2014-0879
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201403-400
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2014-0879
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2014-001760 // CNNVD: CNNVD-201403-400 // NVD: CVE-2014-0879

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2014-001760 // NVD: CVE-2014-0879

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201403-400

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201403-400

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-001760

PATCH
title:1666888url:http://www-01.ibm.com/support/docview.wss?uid=swg21666888
Trust: 0.8
title:8.1.0.2-Datacap-Taskmaster-WIN-IF-OCRAurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=48838
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2014-001760 // 
            
            
            
            CNNVD: CNNVD-201403-400

EXTERNAL IDS
db:NVDid:CVE-2014-0879
Trust: 2.7
db:JVNDBid:JVNDB-2014-001760
Trust: 0.8
db:XFid:20140879
Trust: 0.6
db:XFid:91115
Trust: 0.6
db:SECUNIAid:57378
Trust: 0.6
db:CNNVDid:CNNVD-201403-400
Trust: 0.6
db:BIDid:66184
Trust: 0.3
sources:
            
            
            BID: 66184 // 
            
            
            
            JVNDB: JVNDB-2014-001760 // 
            
            
            
            CNNVD: CNNVD-201403-400 // 
            
            
            
            NVD: CVE-2014-0879

REFERENCES
url:http://www-01.ibm.com/support/docview.wss?uid=swg21666888
Trust: 1.9
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/91115
Trust: 1.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0879
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0879
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/91115
Trust: 0.6
url:http://secunia.com/advisories/57378
Trust: 0.6
url:http://www.ibm.com/
Trust: 0.3
sources:
            
            
            BID: 66184 // 
            
            
            
            JVNDB: JVNDB-2014-001760 // 
            
            
            
            CNNVD: CNNVD-201403-400 // 
            
            
            
            NVD: CVE-2014-0879

CREDITS
Andrew Brooks.
Trust: 0.3
sources:
            
            
            BID: 66184

SOURCES
db:BIDid:66184
db:JVNDBid:JVNDB-2014-001760
db:CNNVDid:CNNVD-201403-400
db:NVDid:CVE-2014-0879

LAST UPDATE DATE
2025-04-13T23:34:12.804000+00:00

SOURCES UPDATE DATE
db:BIDid:66184date:2014-03-11T00:00:00
db:JVNDBid:JVNDB-2014-001760date:2014-03-28T00:00:00
db:CNNVDid:CNNVD-201403-400date:2014-03-24T00:00:00
db:NVDid:CVE-2014-0879date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:BIDid:66184date:2014-03-11T00:00:00
db:JVNDBid:JVNDB-2014-001760date:2014-03-24T00:00:00
db:CNNVDid:CNNVD-201403-400date:2014-03-24T00:00:00
db:NVDid:CVE-2014-0879date:2014-03-21T10:55:05.143