CVE-2015-0795

EUVD-2015-0808
Multiple stack-based buffer overflows in the SafeShellExecute method in the NetIQExecObject.NetIQExec.1 ActiveX control in NetIQExec.dll in NetIQ Security Solutions for iSeries 8.1 allow remote attackers to execute arbitrary code via long arguments, aka ZDI-CAN-2699.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
Affected Products (NVD)
VendorProductVersion
microfocussecurity_solutions_for_iseries
8.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.zerodayinitiative.com/advisories/ZDI-15-340/
https://www.netiq.com/support/kb/doc.php?id=7016656
http://www.zerodayinitiative.com/advisories/ZDI-15-340/
https://www.netiq.com/support/kb/doc.php?id=7016656