Описание
Stack-based buffer overflow in SafeNet SoftRemote 10.8.5 (Build 2) and 10.3.5 (Build 6), and possibly other versions before 10.8.9, allows local users to execute arbitrary code via a long string in a (1) TREENAME or (2) GROUPNAME Policy file (spd).
Ссылки
- Vendor AdvisoryURL Repurposed
- Vendor Advisory
- Vendor AdvisoryURL Repurposed
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 10.8.8 (включая)
Одно из
cpe:2.3:a:safenet-inc:softremote:*:*:*:*:*:*:*:*
cpe:2.3:a:safenet-inc:softremote:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:safenet-inc:softremote:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:safenet-inc:softremote:1.7.7:*:*:*:*:*:*:*
cpe:2.3:a:safenet-inc:softremote:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:safenet-inc:softremote:1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:safenet-inc:softremote:10.3.5:*:*:*:*:*:*:*
cpe:2.3:a:safenet-inc:softremote:10.7.7:*:*:*:*:*:*:*
cpe:2.3:a:safenet-inc:softremote:10.8.0:*:*:*:*:*:*:*
cpe:2.3:a:safenet-inc:softremote:10.8.1:*:*:*:*:*:*:*
cpe:2.3:a:safenet-inc:softremote:10.8.2:*:*:*:*:*:*:*
cpe:2.3:a:safenet-inc:softremote:10.8.3:*:*:*:*:*:*:*
cpe:2.3:a:safenet-inc:softremote:10.8.4:*:*:*:*:*:*:*
cpe:2.3:a:safenet-inc:softremote:10.8.5:*:*:*:*:*:*:*
cpe:2.3:a:safenet-inc:softremote:10.8.6:*:*:*:*:*:*:*
cpe:2.3:a:safenet-inc:softremote:10.8.7:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06573
Низкий
6.9 Medium
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Stack-based buffer overflow in SafeNet SoftRemote 10.8.5 (Build 2) and 10.3.5 (Build 6), and possibly other versions before 10.8.9, allows local users to execute arbitrary code via a long string in a (1) TREENAME or (2) GROUPNAME Policy file (spd).
EPSS
Процентиль: 91%
0.06573
Низкий
6.9 Medium
CVSS2
Дефекты
CWE-119