|CVSS SCORE||7.1, (AV:N/AC:M/Au:N/C:N/I:N/A:C)|
|TREND MICRO CUSTOMER PROTECTION||Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 20179. For further product information on the TippingPoint IPS: http://www.tippingpoint.com|
The specific flaw exists within the diagonostic_doit command of the AccuRev Reprise License Manager service. The issue lies in the handling of paths by the 'outputfile' function. An attacker could leverage this vulnerability to overwrite arbitrary files with diagnostic information under the context of SYSTEM.
07/09/2015 - ZDI emailed vendor and requested contact