Lucene search

[email protected]CVE-2015-7860

HistoryOct 19, 2015 - 6:59 p.m.

CVE-2015-7860

2015-10-1918:59:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2015-7860

buffer overflow

agent

persistent accelerite radia client automation

remote code execution

firewalling

nvd

8.3 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.663 Medium

EPSS

Percentile

97.9%

JSON

Stack-based buffer overflow in the agent in Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attackers to execute arbitrary code by sending a large amount of data in an environment that lacks relationship-based firewalling.

CPENameOperatorVersion
accelerite:radia_client_automationaccelerite radia client automationeq8.1
accelerite:radia_client_automationaccelerite radia client automationeq9.0
accelerite:radia_client_automationaccelerite radia client automationeq9.1
accelerite:radia_client_automationaccelerite radia client automationeq7.9

CPE	Name	Operator	Version
accelerite:radia_client_automation	accelerite radia client automation	eq	8.1
accelerite:radia_client_automation	accelerite radia client automation	eq	9.0
accelerite:radia_client_automation	accelerite radia client automation	eq	9.1
accelerite:radia_client_automation	accelerite radia client automation	eq	7.9

References

www.kb.cert.org/vuls/id/966927

www.securityfocus.com/bid/75966

www.securitytracker.com/id/1033861

zerodayinitiative.com/advisories/ZDI-15-363/

8.3 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.663 Medium

EPSS

Percentile

97.9%

JSON

Related for CVE-2015-7860

prion1 zdi1 cert1 ics1