|CVSS SCORE||8.8, (AV:N/AC:M/Au:N/C:N/I:C/A:C)|
|TIPPINGPOINT™ IPS CUSTOMER PROTECTION||TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 20175. For further product information on the TippingPoint IPS: http://www.tippingpoint.com|
The specific flaw exists within the edit_lf_process resource of the AccuRev Reprise License Manager service. The issue lies in the ability to write arbitrary files with controlled data. An attacker could leverage this vulnerability to execute arbitrary code under the context of SYSTEM.
07/09/2015 - ZDI emailed vendor and requested contact