Multiple stack-based buffer overflows in the Reprise License Manager service in Borland AccuRev allow remote attackers to execute arbitrary code via the (1) akey or (2) actserver parameter to the activate_doit function or (3) licfile parameter to the service_startup_doit functionality.
References
| Link | Resource |
|---|---|
| http://www.zerodayinitiative.com/advisories/ZDI-15-412 | Third Party Advisory VDB Entry |
| http://www.zerodayinitiative.com/advisories/ZDI-15-414/ | Third Party Advisory VDB Entry |
| http://www.zerodayinitiative.com/advisories/ZDI-15-416 | Third Party Advisory VDB Entry |
| https://redr2e.com/cve-to-poc-cve-2015-6946/ | Exploit Third Party Advisory |
| http://www.zerodayinitiative.com/advisories/ZDI-15-412 | Third Party Advisory VDB Entry |
| http://www.zerodayinitiative.com/advisories/ZDI-15-414/ | Third Party Advisory VDB Entry |
| http://www.zerodayinitiative.com/advisories/ZDI-15-416 | Third Party Advisory VDB Entry |
| https://redr2e.com/cve-to-poc-cve-2015-6946/ | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 02:35
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://www.zerodayinitiative.com/advisories/ZDI-15-412 - Third Party Advisory, VDB Entry | |
| References | () http://www.zerodayinitiative.com/advisories/ZDI-15-414/ - Third Party Advisory, VDB Entry | |
| References | () http://www.zerodayinitiative.com/advisories/ZDI-15-416 - Third Party Advisory, VDB Entry | |
| References | () https://redr2e.com/cve-to-poc-cve-2015-6946/ - Exploit, Third Party Advisory |
Information
Published : 2015-09-15 18:59
Updated : 2025-04-12 10:46
NVD link : CVE-2015-6946
Mitre link : CVE-2015-6946
CVE.ORG link : CVE-2015-6946
JSON object : View
Products Affected
microfocus
- accurev
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer