Описание
Multiple buffer overflows in CA XOsoft r12.0 and r12.5 allow remote attackers to execute arbitrary code via (1) a malformed request to the ws_man/xosoapapi.asmx SOAP endpoint or (2) a long string to the entry_point.aspx service.
Ссылки
- Patch
- PatchVendor Advisory
- Patch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ca:xosoft_content_distribution:r12.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:xosoft_content_distribution:r12.5:*:*:*:*:*:*:*
cpe:2.3:a:ca:xosoft_high_availability:r12.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:xosoft_high_availability:r12.5:*:*:*:*:*:*:*
cpe:2.3:a:ca:xosoft_replication:r12.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:xosoft_replication:r12.5:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.37555
Средний
10 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Multiple buffer overflows in CA XOsoft r12.0 and r12.5 allow remote attackers to execute arbitrary code via (1) a malformed request to the ws_man/xosoapapi.asmx SOAP endpoint or (2) a long string to the entry_point.aspx service.
EPSS
Процентиль: 97%
0.37555
Средний
10 Critical
CVSS2
Дефекты
CWE-119