var-200604-0559
Vulnerability from variot
Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx by the Juniper SSL-VPN Client when accessing a Juniper NetScreen IVE device running IVE OS before 4.2r8.1, 5.0 before 5.0r6.1, 5.1 before 5.1r8, 5.2 before 5.2r4.1, or 5.3 before 5.3r2.1, allows remote attackers to execute arbitrary code via a long argument in the ProductName parameter. Juniper SSL-VPN Client ActiveX control is prone to a buffer-overflow vulnerability. The software fails to perform sufficient bounds-checking of user-supplied input before copying it to an insufficiently sized memory buffer. Invoking the object from a malicious website may trigger the condition. If the vulnerability were successfully exploited, this would corrupt process memory, resulting in arbitrary code execution. Juniper's SSL VPN series products can provide users with secure remote access services. JuniperSetupDLL.dll is loaded from the JuniperSetup.ocx ActiveX control. If the following super long string is specified in the ProductName parameter, a stack overflow will be triggered in the JuniperSetupDLL.dll function: --- object classid=\"clsid: E5F5D008-DD2C-4D32-977D-1A0ADF03058B\" id= NeoterisSetup codebase=\"path_to_JuniperSetup.cab#version=1,0,0,3\" > ..... ---PARAM NAME=\"ProductName\" VALUE=\"AAAAAAA (long \'\'A\ '\')\" > ..... script language=javascript NeoterisSetup.startSession(); end script The vulnerable function is as follows: .text: 04F15783 ; int __stdcall sub_4F15783_ilvdlp(char *szProductName, LPCSTR lpValueName, LPBYTE lpData, LPDWORD lpcbData) .text: 04F15783 sub_4F15783_ilvdlp proc near .text: 04F15783 .text: 04F15783 SubKey = byte ptr -10Ch .text: 04F15783 Type = dword ptr -8 .text: 04F15783 hKey = dword ptr -4 ... This can be exploited to cause a stack-based buffer overflow when the control is instantiated with an overly long "ProductName" parameter. tricked into visiting a malicious web site.
The vulnerability has been reported in versions 1.x through 5.x.
SOLUTION: Update to IVE software version 5.3r2.1, 5.2r4.1, 5.1r8, 5.0r6.1, or 4.2r8.1.
PROVIDED AND/OR DISCOVERED BY: Yuji Ukai, eEye Digital Security.
ORIGINAL ADVISORY: eEye Digital Security: http://www.eeye.com/html/research/advisories/AD20060424.html
Juniper Networks: http://www.juniper.net/support/security/alerts/PSN-2006-03-013.txt
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200604-0559",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "junipersetup control",
"scope": null,
"trust": 1.4,
"vendor": "juniper",
"version": null
},
{
"model": "junipersetup control",
"scope": "eq",
"trust": 1.0,
"vendor": "juniper",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": "vpn-ssl-vpn ive",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.x"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#477604"
},
{
"db": "BID",
"id": "17712"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003966"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-546"
},
{
"db": "NVD",
"id": "CVE-2006-2086"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:juniper:junipersetup_control",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-003966"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yuji Ukai",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-546"
}
],
"trust": 0.6
},
"cve": "CVE-2006-2086",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2006-2086",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-18194",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-2086",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#477604",
"trust": 0.8,
"value": "14.22"
},
{
"author": "NVD",
"id": "CVE-2006-2086",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200604-546",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-18194",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#477604"
},
{
"db": "VULHUB",
"id": "VHN-18194"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003966"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-546"
},
{
"db": "NVD",
"id": "CVE-2006-2086"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx by the Juniper SSL-VPN Client when accessing a Juniper NetScreen IVE device running IVE OS before 4.2r8.1, 5.0 before 5.0r6.1, 5.1 before 5.1r8, 5.2 before 5.2r4.1, or 5.3 before 5.3r2.1, allows remote attackers to execute arbitrary code via a long argument in the ProductName parameter. Juniper SSL-VPN Client ActiveX control is prone to a buffer-overflow vulnerability. The software fails to perform sufficient bounds-checking of user-supplied input before copying it to an insufficiently sized memory buffer. \nInvoking the object from a malicious website may trigger the condition. If the vulnerability were successfully exploited, this would corrupt process memory, resulting in arbitrary code execution. Juniper\u0027s SSL VPN series products can provide users with secure remote access services. JuniperSetupDLL.dll is loaded from the JuniperSetup.ocx ActiveX control. If the following super long string is specified in the ProductName parameter, a stack overflow will be triggered in the JuniperSetupDLL.dll function: --- object classid=\\\"clsid: E5F5D008-DD2C-4D32-977D-1A0ADF03058B\\\" id= NeoterisSetup codebase=\\\"path_to_JuniperSetup.cab#version=1,0,0,3\\\" \u003e ..... ---PARAM NAME=\\\"ProductName\\\" VALUE=\\\"AAAAAAA (long \\\u0027\\\u0027A\\ \u0027\\\u0027)\\\" \u003e ..... script language=javascript NeoterisSetup.startSession(); end script The vulnerable function is as follows: .text: 04F15783 ; int __stdcall sub_4F15783_ilvdlp(char *szProductName, LPCSTR lpValueName, LPBYTE lpData, LPDWORD lpcbData) .text: 04F15783 sub_4F15783_ilvdlp proc near .text: 04F15783 .text: 04F15783 SubKey = byte ptr -10Ch .text: 04F15783 Type = dword ptr -8 .text: 04F15783 hKey = dword ptr -4 ... This\ncan be exploited to cause a stack-based buffer overflow when the\ncontrol is instantiated with an overly long \"ProductName\" parameter. tricked into visiting a malicious web site. \n\nThe vulnerability has been reported in versions 1.x through 5.x. \n\nSOLUTION:\nUpdate to IVE software version 5.3r2.1, 5.2r4.1, 5.1r8, 5.0r6.1, or\n4.2r8.1. \n\nPROVIDED AND/OR DISCOVERED BY:\nYuji Ukai, eEye Digital Security. \n\nORIGINAL ADVISORY:\neEye Digital Security:\nhttp://www.eeye.com/html/research/advisories/AD20060424.html\n\nJuniper Networks:\nhttp://www.juniper.net/support/security/alerts/PSN-2006-03-013.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2086"
},
{
"db": "CERT/CC",
"id": "VU#477604"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003966"
},
{
"db": "BID",
"id": "17712"
},
{
"db": "VULHUB",
"id": "VHN-18194"
},
{
"db": "PACKETSTORM",
"id": "45765"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-18194",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-18194"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#477604",
"trust": 3.3
},
{
"db": "SECUNIA",
"id": "19842",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2006-2086",
"trust": 2.5
},
{
"db": "BID",
"id": "17712",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2006-1543",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1016000",
"trust": 1.7
},
{
"db": "SREASON",
"id": "819",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "25001",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003966",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200604-546",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20060426 [EEYEB-20060227] JUNIPER NETWORKS SSL-VPN CLIENT BUFFER OVERFLOW",
"trust": 0.6
},
{
"db": "XF",
"id": "26077",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "16568",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-71082",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83003",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-18194",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "45765",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#477604"
},
{
"db": "VULHUB",
"id": "VHN-18194"
},
{
"db": "BID",
"id": "17712"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003966"
},
{
"db": "PACKETSTORM",
"id": "45765"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-546"
},
{
"db": "NVD",
"id": "CVE-2006-2086"
}
]
},
"id": "VAR-200604-0559",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-18194"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:10:14.704000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "PSN-2006-03-013.txt",
"trust": 0.8,
"url": "http://www.juniper.net/support/security/alerts/PSN-2006-03-013.txt"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-003966"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-2086"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/477604"
},
{
"trust": 1.8,
"url": "http://www.juniper.net/support/security/alerts/psn-2006-03-013.txt"
},
{
"trust": 1.8,
"url": "http://www.eeye.com/html/research/advisories/ad20060424.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/17712"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/25001"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1016000"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/19842"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/819"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/432155/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/1543"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26077"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/19842/"
},
{
"trust": 0.8,
"url": "http://www.juniper.net/support/security/alerts/psn-2006-03-013.txt "
},
{
"trust": 0.8,
"url": "http://www.eeye.com/html/research/advisories/ad20060424.html "
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-2086"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-2086"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/432155/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/26077"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/1543"
},
{
"trust": 0.3,
"url": "http://www.juniper.net/"
},
{
"trust": 0.3,
"url": "http://juniper.net/support/security/security_notices.html"
},
{
"trust": 0.3,
"url": "/archive/1/432155"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6644/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6645/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#477604"
},
{
"db": "VULHUB",
"id": "VHN-18194"
},
{
"db": "BID",
"id": "17712"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003966"
},
{
"db": "PACKETSTORM",
"id": "45765"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-546"
},
{
"db": "NVD",
"id": "CVE-2006-2086"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#477604"
},
{
"db": "VULHUB",
"id": "VHN-18194"
},
{
"db": "BID",
"id": "17712"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003966"
},
{
"db": "PACKETSTORM",
"id": "45765"
},
{
"db": "CNNVD",
"id": "CNNVD-200604-546"
},
{
"db": "NVD",
"id": "CVE-2006-2086"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-05-04T00:00:00",
"db": "CERT/CC",
"id": "VU#477604"
},
{
"date": "2006-04-29T00:00:00",
"db": "VULHUB",
"id": "VHN-18194"
},
{
"date": "2006-04-26T00:00:00",
"db": "BID",
"id": "17712"
},
{
"date": "2014-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-003966"
},
{
"date": "2006-04-27T21:57:26",
"db": "PACKETSTORM",
"id": "45765"
},
{
"date": "2006-04-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-546"
},
{
"date": "2006-04-29T10:02:00",
"db": "NVD",
"id": "CVE-2006-2086"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-05-04T00:00:00",
"db": "CERT/CC",
"id": "VU#477604"
},
{
"date": "2018-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-18194"
},
{
"date": "2006-04-27T18:21:00",
"db": "BID",
"id": "17712"
},
{
"date": "2014-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-003966"
},
{
"date": "2006-04-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200604-546"
},
{
"date": "2024-11-21T00:10:31.443000",
"db": "NVD",
"id": "CVE-2006-2086"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-546"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Juniper Networks IVE client ActiveX control buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#477604"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200604-546"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…