Описание
Stack-based buffer overflow in vpnconf.exe in TheGreenBow IPSec VPN Client 4.51.001, 4.65.003, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a long OpenScriptAfterUp parameter in a policy (.tgb) file, related to "phase 2."
Ссылки
- Vendor Advisory
- PatchURL Repurposed
- Patch
- Vendor Advisory
- PatchURL Repurposed
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:thegreenbow:ipsec_vpn_client:4.51.001:*:*:*:*:*:*:*
cpe:2.3:a:thegreenbow:ipsec_vpn_client:4.65.003:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.18968
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Stack-based buffer overflow in vpnconf.exe in TheGreenBow IPSec VPN Client 4.51.001, 4.65.003, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a long OpenScriptAfterUp parameter in a policy (.tgb) file, related to "phase 2."
EPSS
Процентиль: 95%
0.18968
Средний
9.3 Critical
CVSS2
Дефекты
CWE-119