Vulnerabilities > CVE-2020-5779 - Unspecified vulnerability in Tradingtechnologies Trading Technologies Messaging 7.1.28.3

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

tradingtechnologies

NVD

Published: 2020-09-02

Updated: 2024-11-21

Summary

A flaw in Trading Technologies Messaging 7.1.28.3 (ttmd.exe) relates to invalid parameter handling when calling strcpy_s() with an invalid parameter (i.e., a long src string parameter) as a part of processing a type 4 message sent to default TCP RequestPort 10200. It's been observed that ttmd.exe terminates as a result.

Vulnerable Configurations

Part	Description	Count
Application	Tradingtechnologies Tradingtechnologies Trading Technologies Messaging 7.1.28.3	1

References

https://www.tenable.com/security/research/tra-2020-52
https://www.tenable.com/security/research/tra-2020-52