Lucene search
AnonymousZDI-14-160HistoryJun 02, 2014 - 12:00 a.m.
(0Day) Ericom AccessNow Server Stack Buffer Overflow Remote Code Execution Vulnerability
2014-06-0200:00:00
Anonymous
www.zerodayinitiative.com
17
0.895 High
EPSS
Percentile
98.8%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Ericom AccessNow Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the way AccessServer32.exe handles requests for non-existent files. AccessServer32.exe performs insufficient bounds checking on user-supplied data which results in stack corruption. An attacker can exploit this condition to achieve remote code execution as SYSTEM.
Related
cvelist
cvelist
CVE-2014-3913
2014-06-04 14:00:00
packetstorm
packetstorm
Ericom AccessNow Server Buffer Overflow
2014-06-19 00:00:00
prion
prion
Stack overflow
2014-06-04 14:55:00
nvd
nvd
CVE-2014-3913
2014-06-04 14:55:05
zdt
zdt
Ericom AccessNow Server Buffer Overflow Exploit
2014-06-19 00:00:00
kaspersky
kaspersky
KLA10149 ACE vulnerability in Ericom
2014-06-04 00:00:00
checkpoint_advisories
checkpoint_advisories
Ericom AccessNow Server Stack Buffer Overflow (CVE-2014-3913)
2014-07-07 00:00:00
cve
cve
CVE-2014-3913
2014-06-04 14:55:05
nessus
nessus
Ericom AccessNow Server < 3.3.1.4095 Stack-Based Buffer Overflow
2014-06-30 00:00:00