CVE-2017-15220

Flexense VX Search Enterprise 10.1.12 is vulnerable to a buffer overflow via an empty POST request to a long URI beginning with a /../ substring. This allows remote attackers to execute arbitrary code.
References
Link Resource
https://www.exploit-db.com/exploits/42973/ Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:flexense:vx_search:10.1.12:*:*:*:enterprise:*:*:*

History

No history.

Information

Published : 2017-10-11 13:29

Updated : 2024-02-04 19:29


NVD link : CVE-2017-15220

Mitre link : CVE-2017-15220

CVE.ORG link : CVE-2017-15220


JSON object : View

Products Affected

flexense

  • vx_search
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer