5 matches found
CVE-2020-4545
Summary of CVE-2020-4545 from provided documents: IBM Aspera Connect v3.9.9 and earlier is vulnerable to arbitrary code execution stemming from improper loading of Dynamic Link Libraries via the import feature. A victim who opens a specially crafted DLL can trigger code execution with the attacke...
CVE-2023-27284
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are affected by a buffer overflow caused by improper bounds checking. According to IBM and Red Hat/PRION entries, the vulnerability allows code execution on the system and is addressed by upgrading to version 4.2.5 (remediation included in the I...
CVE-2023-27285
CVE-2023-27285 affects IBM Aspera Connect and IBM Aspera Cargo at versions up to 4.2.5, with a buffer overflow caused by improper bounds checking. The impact is potential arbitrary code execution on the target system. The vulnerability is addressed by IBM’s remediation: upgrading to version 4.2.6...
CVE-2023-27286
CVE-2023-27286 affects IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5, with a buffer overflow caused by improper bounds checking in the affected components. The vulnerability could allow an attacker to overflow a buffer and execute arbitrary code on the system. Remediation is available in IB...
CVE-2023-22862
CVE-2023-22862 affects IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5, where authentication credentials are transmitted using an insecure method that can lead to unauthorized interception and retrieval. The IBM Security Bulletin (B3AE4522A366582F82BAA72D23E6FD29726FC63DA16335263B492D5C25D88B...