Buffer overflow

2010-04-0715:30:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.92 High

EPSS

Percentile

98.9%

JSON

Multiple buffer overflows in CA XOsoft r12.0 and r12.5 allow remote attackers to execute arbitrary code via (1) a malformed request to the ws_man/xosoapapi.asmx SOAP endpoint or (2) a long string to the entry_point.aspx service.

CPENameOperatorVersion
xosoft_content_distributioneq12.0.114
xosoft_content_distributioneq12.5.114
xosoft_high_availabilityeq12.5.114
xosoft_high_availabilityeq12.0.114
xosoft_replicationeq12.5.114
xosoft_replicationeq12.0.114

Name	Operator	Version
xosoft_content_distribution	eq	12.0.114
xosoft_content_distribution	eq	12.5.114
xosoft_high_availability	eq	12.5.114
xosoft_high_availability	eq	12.0.114
xosoft_replication	eq	12.5.114
xosoft_replication	eq	12.0.114