10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
IBM Rational DOORS Next Generation® is affected by a vulnerability in the Oracle Outside In Technology® that is used as a component.
CVE-ID: CVE-2015-4808 Description: An unspecified vulnerability in the Oracle Outside In Technology Outside In Filters component could allow a local or remote attacker to cause a denial of service or possibly execute arbitrary code on the system. CVSS Base Score: 6.8 CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/109802> for the current score CVSS Environmental Score*: Undefined CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-ID: CVE-2015-6013 Description: Oracle Outside In Technology Outside In Filters component is vulnerable to a stack-based buffer overflow when handling WK4 files. A local or remote attacker could exploit this vulnerability using a specially crafted file to cause a denial of service and possibly execute arbitrary code on the system. CVSS Base Score: 6.8 CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/109803> for the current score CVSS Environmental Score*: Undefined CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-ID: CVE-2015-6014 Description: Oracle Outside In Technology Outside In Filters component is vulnerable to a stack-based buffer overflow when handling doc files. A local or remote attacker could exploit this vulnerability using a specially crafted file to cause a denial of service and possibly execute arbitrary code on the system. CVSS Base Score: 6.8 CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/109804> for the current score CVSS Environmental Score*: Undefined CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-ID: CVE-2015-6015 Description: Oracle Outside In Technology Outside In Filters component is vulnerable to a stack-based buffer overflow when handling Paradox DB files. A local or remote attacker could exploit this vulnerability using a specially crafted file to cause a denial of service and possibly execute arbitrary code on the system. CVSS Base Score: 6.8 CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/110005> for the current score CVSS Environmental Score*: Undefined CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-ID: CVE-2016-0432 Description: An unspecified vulnerability in the Oracle Outside In Technology Outside In Filters component could allow a local or remote attacker to attacker to cause a denial of service and possibly execute arbitrary code on the system. CVSS Base Score: 6.8 CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/109805> for the current score CVSS Environmental Score*: Undefined CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Rational DOORS Next Generation 6.0.1
Rational DOORS Next Generation 6.0
Rational DOORS Next Generation 5.0.2
Releases prior to 5.0.2 are not affected.
For the 6.0 and 6.0.1 releases, upgrade to version 6.0.1 iFix003 or later
For the 5.0.2 release, upgrade to version 5.0.2 iFix014 or later