CVE-2019-17415

EUVD-2019-7812
A Structured Exception Handler (SEH) based buffer overflow in File Sharing Wizard 1.5.0 26-8-2008 allows remote unauthenticated attackers to execute arbitrary code via the HTTP DELETE method, a similar issue to CVE-2019-16724 and CVE-2010-2331.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
Affected Products (NVD)
VendorProductVersion
upredsunfile_sharing_wizard
1.5.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://packetstormsecurity.com/files/154738/File-Sharing-Wizard-1.5.0-DELETE-SEH-Buffer-Overflow.html
https://packetstormsecurity.com/files/154738/File-Sharing-Wizard-1.5.0-DELETE-SEH-Buffer-Overflow.html