CVE-2016-6042

EUVD-2016-6976
IBM AppScan Enterprise Edition could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of objects in memory. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system in the same context as the victim.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.3 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
Affected Products (NVD)
VendorProductVersion
ibmsecurity_appscan
9.0.0.0
ibmsecurity_appscan
9.0.0.1
ibmsecurity_appscan
9.0.1.0
ibmsecurity_appscan
9.0.1.1
ibmsecurity_appscan
9.0.2.0
ibmsecurity_appscan
9.0.2.1
ibmsecurity_appscan
9.0.3.0
ibmsecurity_appscan
9.0.3.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=swg21995118
http://www.ibm.com/support/docview.wss?uid=swg21995118