Vulnerability CVE-2017-15220


Published: 2017-10-11   Modified: 2017-10-26

Description:
Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring. This allows remote attackers to execute arbitrary code.

See advisories in our WLB2 database:
Topic: VX Search Enterprise 10.1.12 Buffer Overflow (High)
Author: Revnic Vasile
Date: 11.10.2017

Type: CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)

Vendor: Flexense
Product: VX Search
Version: 10.1.12

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10

Exploit range: Remote
Attack complexity: Low
Authentication: Not required

Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

References:
https://www.exploit-db.com/exploits/42973/

Related CVE
CVE-2017-15950
Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a buffer overflow that can be exploited for arbitrary code execution. The flaw is triggered by providing a long input into the "Destination directory" field, either within an XML documen...
CVE-2017-14980
Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login.
CVE-2017-7310
A buffer overflow vulnerability in Import Command in Sync Breeze Enterprise Client 9.5.16, Disk Sorter Enterprise Client 9.5.12, and DiskBoss Enterprise Client 7.8.16 allows attackers to execute arbitrary code via a crafted XML file containing a long...
CVE-2017-6416
An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.

Copyright 2017, cxsecurity.com

 
