Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-2096

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2015-2096
Last Modified 10 Mar 2015 01:26:09
Published 09 Mar 2015 10:59:14
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2015-2096

Summary

Use-after-free vulnerability in the Connect function in the WESPMonitor.WESPMonitorCtrl.1 ActiveX control in WebGate eDVR Manager allows remote attackers to execute arbitrary code via an invalid IP address and a page reload.

Vulnerable Systems

Application

  • Webgateinc Edvr Manager 2.6.4


References

MISC - http://www.zerodayinitiative.com/advisories/ZDI-15-069/


Last Updated: 27 May 2016 11:08:01