CVE-2016-6042

CWE-119 — Buffer Overflow3 documents3 sources

Severity

7.3HIGH

EPSS

0.8%

top 26.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Corporation Appscan Enterprise IBM Security Appscan

Timeline

PublishedFeb 1

Latest updateMay 13

Description

IBM AppScan Enterprise Edition could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of objects in memory. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system in the same context as the victim.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 1.3 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5ibm_corporation/appscan_enterprise20 versions+19

▶NVDibm/security_appscan8 versions+7

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-c998-93wx-vqcj: IBM AppScan Enterprise Edition could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of objects in memory↗2022-05-13

▶

CVEList

CVE-2016-6042: IBM AppScan Enterprise Edition could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of objects in memory↗2017-02-01

▶