CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-5779

A flaw in Trading Technologies Messaging 7.1.28.3 (ttmd.exe) relates to invalid parameter handling when calling strcpy_s() with an invalid parameter (i.e., a long src string parameter) as a part of processing a type 4 message sent to default TCP RequestPort 10200. It's been observed that ttmd.exe terminates as a result.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.7%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://www.tenable.com/security/research/tra-2020-52
https://www.tenable.com/security/research/tra-2020-52

Products affected by CVE-2020-5779

Tradingtechnologies » Trading Technologies Messaging » Version: 7.1.28.3

cpe:2.3:a:tradingtechnologies:trading_technologies_messaging:7.1.28.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-5779

Products

Pricing

Contact Us