Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM Aspera code execution
Vulnerability Description
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
IBM Aspera 缓冲区错误漏洞
Vulnerability Description
IBM Aspera是美国国际商业机器(IBM)公司的一套基于IBM FASP协议构建的快速文件传输和流解决方案。 IBM Aspera Cargo 4.2.5版本、IBM Aspera Connect 4.2.5版本存在缓冲区错误漏洞,该漏洞源于边界检查不正确,导致缓冲区溢出。攻击者利用该漏洞可以在系统上执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A