CVE-2015-4067 - OpenCVE

Integer overflow in the libnv6 module in Dell NetVault Backup before 10.0.5 allows remote attackers to execute arbitrary code via crafted template string specifiers in a serialized object, which triggers a heap-based buffer overflow.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Dell	Netvault Backup

Configuration 1 [-]

cpe:2.3:a:dell:netvault_backup:10.0.5:*:*:*:*:*:*:*

References

Link	Resource
http://www.securityfocus.com/bid/74841
http://www.zerodayinitiative.com/advisories/ZDI-15-240/

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2015-05-29T15:00:00

Updated: 2016-12-02T20:57:01

Reserved: 2015-05-22T00:00:00

Link: CVE-2015-4067

JSON object: View

NVD Information

Status : Modified

Published: 2015-05-29T15:59:22.390

Modified: 2016-12-06T03:02:04.310

Link: CVE-2015-4067

JSON object: View

Redhat Information

No data.

CWE

CWE-189