[email protected]CVE-2015-2094

HistoryMar 09, 2015 - 2:59 p.m.

CVE-2015-2094

2015-03-0914:59:12

CWE-119

[email protected]

web.nvd.nist.gov

cve-2015-2094

stack-based buffer overflow

webgate winrds

remote code execution

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.9 High

AI Score

Confidence

High

0.897 High

EPSS

Percentile

98.8%

JSON

Stack-based buffer overflow in the WESPPlayback.WESPPlaybackCtrl.1 control in WebGate WinRDS allows remote attackers to execute arbitrary code via unspecified vectors to the (1) PrintSiteImage, (2) PlaySiteAllChannel, (3) StopSiteAllChannel, or (4) SaveSiteImage function.

Affected configurations

NVD

Node

webgateincwinrds

CPENameOperatorVersion
webgateinc:winrdswebgateinc winrdseq*

CPE	Name	Operator	Version
webgateinc:winrds	webgateinc winrds	eq	*

References

packetstormsecurity.com/files/131069/WebGate-WinRDS-2.0.8-StopSiteAllChannel-Stack-Overflow.html

www.osvdb.org/118905

www.osvdb.org/118906

www.osvdb.org/118907

www.osvdb.org/118908

www.securityfocus.com/bid/72841

www.zerodayinitiative.com/advisories/ZDI-15-071/

www.zerodayinitiative.com/advisories/ZDI-15-072/

www.zerodayinitiative.com/advisories/ZDI-15-073/

www.zerodayinitiative.com/advisories/ZDI-15-074/

www.exploit-db.com/exploits/36517/

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.9 High

AI Score

Confidence

High

0.897 High

EPSS

Percentile

98.8%

JSON

Related for CVE-2015-2094

zdt2 checkpoint_advisories1 prion1 cvelist1 zdi4 packetstorm1 nvd1 nessus1