CVE-2015-4947
Published Sep 15, 2015
Last updated 6 years ago
Overview
- Description
- Stack-based buffer overflow in the Administration Server in IBM HTTP Server 6.1.0.x through 6.1.0.47, 7.0.0.x before 7.0.0.39, 8.0.0.x before 8.0.0.12, and 8.5.x before 8.5.5.7, as used in WebSphere Application Server and other products, allows remote authenticated users to execute arbitrary code via unspecified vectors.
- Source
- psirt@us.ibm.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:http_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78F18FE4-83BA-432A-9C0C-0FAC4314E050",
"versionEndIncluding": "6.1.0.47",
"versionStartIncluding": "6.1.0.0"
},
{
"criteria": "cpe:2.3:a:ibm:http_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07BDE0FE-10BB-4F11-8A59-720987298913",
"versionEndExcluding": "7.0.0.39",
"versionStartIncluding": "7.0.0.0"
},
{
"criteria": "cpe:2.3:a:ibm:http_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C8AD985A-F098-47F6-90B5-D5A3285736D1",
"versionEndExcluding": "8.0.0.12",
"versionStartIncluding": "8.0.0.0"
},
{
"criteria": "cpe:2.3:a:ibm:http_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1FB17D1E-FEF4-4E1B-88A7-764CA673A686",
"versionEndExcluding": "8.5.5.7",
"versionStartIncluding": "8.5.0.0"
}
],
"operator": "OR"
}
]
}
]