KLA10705
Code execution vulnerabilities in Tibbo AggreGate.

Обновлено: 03/06/2020
Дата обнаружения
19/11/2015
Уровень угрозы
Critical
Описание

Successful exploitation of the identified vulnerabilities may allow an attacker to execute arbitrary code and commands.

  1. Unknown vulnerability at Ice Faces servlet allows remote attackers to upload and execute arbitrary Java code via a specially designed XML document;
  2. Unknown vulnerability allows local users to execute arbitrary Java code with SYSTEM privileges by using the Apache Axis AdminService deployment method to publish a class.
Пораженные продукты

Tibbo AggreGate Platform Version 5.21.02 and prior versions.

Решение

Update to the latest version
Download new version.

Оказываемое влияние
?
ACE 
[?]
Связанные продукты
AggreGate
CVE-IDS
CVE-2015-79137.2High
Узнай статистику распространения уязвимостей в твоем регионе