exploitDog

GHSA-wqrv-3v4p-x44f

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote attackers to execute arbitrary code by including a crafted Flash file.

IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote attackers to execute arbitrary code by including a crafted Flash file.

Ссылки

EPSS

Процентиль: 70%

0.00622

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2015-5042

CVSS3: 7.5

nvd

почти 10 лет назад

IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote attackers to execute arbitrary code by including a crafted Flash file.

EPSS

Процентиль: 70%

0.00622

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-20