Vulnerability CVE-2017-15220


Published: 2017-10-11

Description:
Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring. This allows remote attackers to execute arbitrary code.

See advisories in our WLB2 database:
Topic
Author
Date
High
VX Search Enterprise 10.1.12 Buffer Overflow
Revnic Vasile
11.10.2017

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

 References:
https://www.exploit-db.com/exploits/42973/

Copyright 2017, cxsecurity.com

 

Back to Top