7.8 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.914 High
EPSS
Percentile
98.9%
Stack-based buffer overflow in collectoragent.exe in Fortinet Single Sign On (FSSO) before build 164 allows remote attackers to execute arbitrary code via a large PROCESS_HELLO message to the Message Dispatcher on TCP port 8000.
CPE | Name | Operator | Version |
---|---|---|---|
fortinet:single_sign_on | fortinet single sign on | eq | 4.3 |
seclists.org/fulldisclosure/2015/Mar/111
www.coresecurity.com/advisories/fortinet-single-sign-on-stack-overflow
www.fortiguard.com/advisory/2015-02-27-fsso-stack-based-buffer-overflow
www.fortiguard.com/advisory/FG-IR-15-006/
www.osvdb.org/119719
www.securityfocus.com/archive/1/534918/100/0/threaded
www.securityfocus.com/bid/73206
www.exploit-db.com/exploits/36422/