Lucene search

[email protected]CVE-2015-1362

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2015-1362

2022-10-0316:15:52

CWE-119

[email protected]

web.nvd.nist.gov

cve-2015-1362

buffer overflow

customize 35mm tab

two pilots exif pilot

arbitrary code execution

remote attackers

xml file

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

88.0%

JSON

Buffer overflow in the Customize 35mm tab in Two Pilots Exif Pilot 4.7.2 allows remote attackers to execute arbitrary code via a long string in the maker element in an XML file.

Affected configurations

NVD

Node

two_pilotsexif_pilotMatch4.7.2

CPENameOperatorVersion
two_pilots:exif_pilottwo pilots exif piloteq4.7.2

CPE	Name	Operator	Version
two_pilots:exif_pilot	two pilots exif pilot	eq	4.7.2

References

packetstormsecurity.com/files/130037/Exif-Pilot-4.7.2-Buffer-Overflow.html

www.exploit-db.com/exploits/35870

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.1 High

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

88.0%

JSON

Related for CVE-2015-1362

prion1 nvd1 cvelist1