CVE-2015-0795

{"id": "CVE-2015-0795", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2015-07-18T10:59:00.087", "references": [{"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-340/", "source": "security@opentext.com"}, {"url": "https://www.netiq.com/support/kb/doc.php?id=7016656", "source": "security@opentext.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in the SafeShellExecute method in the NetIQExecObject.NetIQExec.1 ActiveX control in NetIQExec.dll in NetIQ Security Solutions for iSeries 8.1 allow remote attackers to execute arbitrary code via long arguments, aka ZDI-CAN-2699."}, {"lang": "es", "value": "M\u00faltiple desbordamiento de pila del buffer en el m\u00e9todo SafeShellExecute en NestlQ Security Solutions para iSeries 8.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de largos argumentos, tambi\u00e9n conocidos como ZDI-CAN-2699."}], "lastModified": "2023-11-07T02:23:34.263", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microfocus:security_solutions_for_iseries:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D548DC2-D747-42D8-AEAC-00336E0CA95D"}], "operator": "OR"}]}], "sourceIdentifier": "security@opentext.com"}