Lucene search

[email protected]CVE-2015-4947

HistorySep 15, 2015 - 3:59 p.m.

CVE-2015-4947

2015-09-1515:59:00

CWE-119

[email protected]

web.nvd.nist.gov

cve

2015

4947

buffer overflow

ibm http server

websphere application server

nvd

security vulnerability

code execution

9.4 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

71.9%

JSON

Stack-based buffer overflow in the Administration Server in IBM HTTP Server 6.1.0.x through 6.1.0.47, 7.0.0.x before 7.0.0.39, 8.0.0.x before 8.0.0.12, and 8.5.x before 8.5.5.7, as used in WebSphere Application Server and other products, allows remote authenticated users to execute arbitrary code via unspecified vectors.

CPENameOperatorVersion
ibm:http_serveribm http serverle6.1.0.47
ibm:http_serveribm http serverlt7.0.0.39
ibm:http_serveribm http serverlt8.0.0.12
ibm:http_serveribm http serverlt8.5.5.7

CPE	Name	Operator	Version
ibm:http_server	ibm http server	le	6.1.0.47
ibm:http_server	ibm http server	lt	7.0.0.39
ibm:http_server	ibm http server	lt	8.0.0.12
ibm:http_server	ibm http server	lt	8.5.5.7

References

www-01.ibm.com/support/docview.wss?uid=swg1PI44793

www-01.ibm.com/support/docview.wss?uid=swg1PI45596

www-01.ibm.com/support/docview.wss?uid=swg21965419

www.securityfocus.com/bid/76658

www.securitytracker.com/id/1033512

9.4 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

71.9%

JSON

Related for CVE-2015-4947

prion1 nessus2 ibm13