Lucene search
JpcertCVE-2015-5624HistorySep 07, 2015 - 2:59 p.m.
CVE-2015-5624
2015-09-0714:59:01
CWE-119
jpcert
web.nvd.nist.gov
25
cve-2015-5624
buffer overflow
execcall
c2lv6.ocx
freebit
elphonebtnv6
activex
remote code execution
crafted html document
click to live service
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.9
Confidence
High
EPSS
0.042
Percentile
92.3%
Buffer overflow in the ExecCall method in c2lv6.ocx in the FreeBit ELPhoneBtnV6 ActiveX control allows remote attackers to execute arbitrary code via a crafted HTML document, related to the discontinued “Click to Live” service.
Affected configurations
Node
freebitelphonebtnv6_activex_controlMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| freebit | elphonebtnv6_activex_control | - | cpe:2.3:a:freebit:elphonebtnv6_activex_control:-:*:*:*:*:*:*:* |
Related
prion
prion
Buffer overflow
2015-09-07 14:59:00
nvd
nvd
CVE-2015-5624
2015-09-07 14:59:01
cvelist
cvelist
CVE-2015-5624
2015-09-07 14:00:00
jvn
jvn
JVN#62078684: ELPhoneBtnV6 ActiveX control vulnerable to buffer overflow
2015-09-07 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.9
Confidence
High
EPSS
0.042
Percentile
92.3%
Related for CVE-2015-5624