CVE-2015-4947

CWE-119 — Buffer Overflow3 documents3 sources

Severity

9.0CRITICAL

EPSS

5.0%

top 10.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Http Server

Timeline

PublishedSep 15

Latest updateMay 14

Description

Stack-based buffer overflow in the Administration Server in IBM HTTP Server 6.1.0.x through 6.1.0.47, 7.0.0.x before 7.0.0.39, 8.0.0.x before 8.0.0.12, and 8.5.x before 8.5.5.7, as used in WebSphere Application Server and other products, allows remote authenticated users to execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

▶NVDibm/http_server7.0.0.0 — 7.0.0.39+3

🔴Vulnerability Details

GHSA

GHSA-36f3-qhxm-8rcf: Stack-based buffer overflow in the Administration Server in IBM HTTP Server 6↗2022-05-14

▶

CVEList

CVE-2015-4947: Stack-based buffer overflow in the Administration Server in IBM HTTP Server 6↗2015-09-15

▶