Lucene search

MitreCVE-2013-7105

HistoryDec 14, 2013 - 8:55 p.m.

CVE-2013-7105

2013-12-1420:55:03

CWE-119

mitre

web.nvd.nist.gov

cve-2013-7105

buffer overflow

interstage application server

fujitsu

interstage studio

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.004

Percentile

73.1%

JSON

Buffer overflow in the Interstage HTTP Server log functionality, as used in Fujitsu Interstage Application Server 9.0.0, 9.1.0, 9.2.0, 9.3.1, and 10.0.0; and Interstage Studio 9.0.0, 9.1.0, 9.2.0, and 10.0.0, has unspecified impact and attack vectors related to “ihsrlog/rotatelogs.”

Affected configurations

Nvd

Node

fujitsuinterstage_application_serverMatch9.0.0

fujitsuinterstage_application_serverMatch9.1.0

fujitsuinterstage_application_serverMatch9.2.0

fujitsuinterstage_application_serverMatch9.3.1

fujitsuinterstage_application_serverMatch10.0.0

fujitsuinterstage_studioMatch9.0.0

fujitsuinterstage_studioMatch9.1.0

fujitsuinterstage_studioMatch9.2.0

fujitsuinterstage_studioMatch10.0.0

VendorProductVersionCPE
fujitsuinterstage_application_server9.0.0cpe:2.3:a:fujitsu:interstage_application_server:9.0.0:*:*:*:*:*:*:*
fujitsuinterstage_application_server9.1.0cpe:2.3:a:fujitsu:interstage_application_server:9.1.0:*:*:*:*:*:*:*
fujitsuinterstage_application_server9.2.0cpe:2.3:a:fujitsu:interstage_application_server:9.2.0:*:*:*:*:*:*:*
fujitsuinterstage_application_server9.3.1cpe:2.3:a:fujitsu:interstage_application_server:9.3.1:*:*:*:*:*:*:*
fujitsuinterstage_application_server10.0.0cpe:2.3:a:fujitsu:interstage_application_server:10.0.0:*:*:*:*:*:*:*
fujitsuinterstage_studio9.0.0cpe:2.3:a:fujitsu:interstage_studio:9.0.0:*:*:*:*:*:*:*
fujitsuinterstage_studio9.1.0cpe:2.3:a:fujitsu:interstage_studio:9.1.0:*:*:*:*:*:*:*
fujitsuinterstage_studio9.2.0cpe:2.3:a:fujitsu:interstage_studio:9.2.0:*:*:*:*:*:*:*
fujitsuinterstage_studio10.0.0cpe:2.3:a:fujitsu:interstage_studio:10.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fujitsu	interstage_application_server	9.0.0	cpe:2.3:a:fujitsu:interstage_application_server:9.0.0:::::::*
fujitsu	interstage_application_server	9.1.0	cpe:2.3:a:fujitsu:interstage_application_server:9.1.0:::::::*
fujitsu	interstage_application_server	9.2.0	cpe:2.3:a:fujitsu:interstage_application_server:9.2.0:::::::*
fujitsu	interstage_application_server	9.3.1	cpe:2.3:a:fujitsu:interstage_application_server:9.3.1:::::::*
fujitsu	interstage_application_server	10.0.0	cpe:2.3:a:fujitsu:interstage_application_server:10.0.0:::::::*
fujitsu	interstage_studio	9.0.0	cpe:2.3:a:fujitsu:interstage_studio:9.0.0:::::::*
fujitsu	interstage_studio	9.1.0	cpe:2.3:a:fujitsu:interstage_studio:9.1.0:::::::*
fujitsu	interstage_studio	9.2.0	cpe:2.3:a:fujitsu:interstage_studio:9.2.0:::::::*
fujitsu	interstage_studio	10.0.0	cpe:2.3:a:fujitsu:interstage_studio:10.0.0:::::::*

References

www.fujitsu.com/global/support/software/security/products-f/interstage-201302e.html

www.securityfocus.com/bid/63929

www.securitytracker.com/id/1029398

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.004

Percentile

73.1%

JSON

Related for CVE-2013-7105