CVE-2020-4467
published 2020-05-14CVE-2020-4467: IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. By persuading a…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 181721.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | i2_analysts_notebook | — | — |
| qemu | qemu | >= 0 < 1:2.5+dfsg-5ubuntu10.51 | 1:2.5+dfsg-5ubuntu10.51 |
| qemu | qemu | >= 0 < 1:2.11+dfsg-1ubuntu7.36 | 1:2.11+dfsg-1ubuntu7.36 |
| qemu | qemu | >= 0 < 1:4.2-3ubuntu6.14 | 1:4.2-3ubuntu6.14 |
| qemu | qemu | >= 0 < 2.0.0+dfsg-2ubuntu1.47+esm1 | 2.0.0+dfsg-2ubuntu1.47+esm1 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv6.7MEDIUM