CVE-2014-6119
Summary
| CVE | CVE-2014-6119 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-12-23 02:59:00 UTC |
| Updated | 2017-09-08 01:29:00 UTC |
| Description | IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote attackers to execute arbitrary code via a crafted executable file in an archive. |
Risk And Classification
Problem Types: CWE-94
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Security Appscan | 8.5 | All | All | All |
| Application | Ibm | Security Appscan | 8.6 | All | All | All |
| Application | Ibm | Security Appscan | 8.7 | All | All | All |
| Application | Ibm | Security Appscan | 8.8 | All | All | All |
| Application | Ibm | Security Appscan | 9.0 | All | All | All |
| Application | Ibm | Security Appscan | 9.0.0.1 | All | All | All |
| Application | Ibm | Security Appscan | 8.5 | All | All | All |
| Application | Ibm | Security Appscan | 8.6 | All | All | All |
| Application | Ibm | Security Appscan | 8.7 | All | All | All |
| Application | Ibm | Security Appscan | 8.8 | All | All | All |
| Application | Ibm | Security Appscan | 9.0 | All | All | All |
| Application | Ibm | Security Appscan | 9.0.0.1 | All | All | All |
| Application | Ibm | Security Appscan Source | 9.0.1 | All | All | All |
| Application | Ibm | Security Appscan Source | 9.0.1 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Advisory SA62012 - IBM Security AppScan Standard Archive Handling Security Bypass Vulnerability - Secunia | SECUNIA | secunia.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| IBM Security AppScan Enterprise Bugs Let Remote Users Conduct Cross-Site Scrpting Attacks and Gain Full Control of the Target System - SecurityTracker | SECTRACK | www.securitytracker.com | |
| IBM Security Bulletin: Multiple vulnerabilities in AppScan Enterprise (CVE-2014-6135, CVE-2014-6119, CVE-2014-6122, CVE-2014-6121, CVE-2013-2566, CVE-2005-2969) - United States | CONFIRM | www-01.ibm.com | Vendor Advisory |
| IBM notice: The page you requested cannot be displayed | CONFIRM | www-01.ibm.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.