Lucene search
K

13 matches found

Check Point Advisories
Check Point Advisories
added 2015/11/23 12:0 a.m.3 views

Borland AccuRev SaveContentServiceImpl Servlet Directory Traversal

A denial of service and an information disclosure vulnerability exists in the Borland AccuRev. A remote, unauthenticated attacker can exploit this weakness in the product to read files or to delete an arbitrary file on the system. Successful exploitation of this vulnerability will result in eithe...

4.2AI score
Exploits0
CNVD
CNVD
added 2015/09/16 12:0 a.m.4 views

Borland AccuRev Buffer Overflow Vulnerability (CNVD-2015-06027)

Borland AccuRev is a software configuration management tool. Multiple stack buffer overflow vulnerabilities exist in the function activatedoit in Borland AccuRev's Reprise License Manager service, which can be exploited by a remote attacker to execute arbitrary code via the akey or actserver...

8.4AI score
Exploits0References1
Prion
Prion
added 2015/09/15 6:59 p.m.17 views

Stack overflow

Multiple stack-based buffer overflows in the Reprise License Manager service in Borland AccuRev allow remote attackers to execute arbitrary code via the 1 akey or 2 actserver parameter to the activatedoit function or 3 licfile parameter to the servicestartupdoit functionality...

9.3CVSS8.4AI score0.19984EPSS
Exploits1References4
CVE
CVE
added 2015/09/15 6:0 p.m.63 views

CVE-2015-6946

CVE-2015-6946 (Borland AccuRev Reprise License Manager) involves multiple stack-based buffer overflows in the service where remote attackers can execute arbitrary code via the activate_doit (akey, actserver) or service_startup_doit (licfile) parameters. Connected advisories (ZDI) describe stack o...

9.3CVSS8AI score0.19984EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2015/09/15 6:0 p.m.28 views

CVE-2015-6946

Multiple stack-based buffer overflows in the Reprise License Manager service in Borland AccuRev allow remote attackers to execute arbitrary code via the 1 akey or 2 actserver parameter to the activatedoit function or 3 licfile parameter to the servicestartupdoit functionality...

7.7AI score0.19984EPSS
Exploits1References4
Zero Day Initiative
Zero Day Initiative
added 2015/09/02 12:0 a.m.25 views

(0Day) Borland AccuRev Reprise License Management Server Path Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Borland AccuRev. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rlmswitchprocess functionality of the Reprise License Manager service. The issue...

6.8CVSS7.6AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2015/09/02 12:0 a.m.15 views

(0Day) Borland AccuRev Reprise License Server edit_lf_get_data Command lf Parameter Path Traversal Read Vulnerability

This vulnerability allows remote attackers to read arbitrary files on vulnerable installations of Borland AccuRev. Authentication is not required to exploit this vulnerability. The specific flaw exists within the editlfgetdata functionality of the AccuRev Reprise License Manager service. The issu...

7.1CVSS6.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2015/09/02 12:0 a.m.27 views

(0Day) Borland AccuRev Reprise License Server edit_lf_process Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Borland AccuRev. Authentication is not required to exploit this vulnerability. The specific flaw exists within the editlfprocess resource of the AccuRev Reprise License Manager service. The issue...

8.8CVSS7.6AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2015/09/02 12:0 a.m.26 views

(0Day) Borland AccuRev Reprise License Server activate_doit Command akey Parameter Stack Buffer Overflow Vulnerability

This vulnerability allows remote attackers to cause a stack buffer overflow in the Reprise License Management service on installations of Borland AccuRev. Authentication is not required to exploit this vulnerability. The specific flaw exists within the activatedoit function of the service. The...

9.3CVSS6.9AI score0.19984EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2015/09/02 12:0 a.m.55 views

(0Day) Borland AccuRev Reprise License Server service_setup_doit Command Stack Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Borland AccuRev. Authentication is not required to exploit this vulnerability. The specific flaw exists within the servicestartupdoit functionality of the Reprise License Manager service. The issue...

9.3CVSS7AI score0.19984EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2015/09/02 12:0 a.m.20 views

(0Day) Borland AccuRev Reprise License Server diagnostics_doit Command outputfile Parameter File Overwrite Denial of Service Vulnerability

This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of Borland AccuRev. Authentication is not required to exploit this vulnerability. The specific flaw exists within the diagonosticdoit command of the AccuRev Reprise License Manager service. The iss...

7.1CVSS6.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2015/09/02 12:0 a.m.9 views

(0Day) Borland AccuRev SaveContentServiceImpl Servlet Path Traversal Remote File Read And Deletion Vulnerabilities

This vulnerability allows remote attackers to read or delete arbitrary files on vulnerable installations of Borland AccuRev. Authentication is not required to exploit this vulnerability. The specific flaws exist within implementation of the SaveContent functionality in the AccuRevTomcat service...

8.8CVSS6.8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2015/09/02 12:0 a.m.32 views

(0Day) Borland AccuRev Reprise License Server activate_doit Command actserver Parameter Stack Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Borland AccuRev. Authentication is not required to exploit this vulnerability. The specific flaw exists within the activatedoit function of the service. The issue lies in the handling of the...

9.3CVSS7AI score0.19984EPSS
Exploits1References1
Rows per page
Query Builder