Vulnerability Description
Stack-based buffer overflow in the Administration Server in IBM HTTP Server 6.1.0.x through 6.1.0.47, 7.0.0.x before 7.0.0.39, 8.0.0.x before 8.0.0.12, and 8.5.x before 8.5.5.7, as used in WebSphere Application Server and other products, allows remote authenticated users to execute arbitrary code via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Http Server | >= 6.1.0.0, <= 6.1.0.47 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI44793Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI45596Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21965419Vendor Advisory
- http://www.securityfocus.com/bid/76658Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1033512Third Party AdvisoryVDB Entry
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI44793Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI45596Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21965419Vendor Advisory
- http://www.securityfocus.com/bid/76658Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1033512Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-4947?
CVE-2015-4947 is a vulnerability with a CVSS score of 9.0 (HIGH). Stack-based buffer overflow in the Administration Server in IBM HTTP Server 6.1.0.x through 6.1.0.47, 7.0.0.x before 7.0.0.39, 8.0.0.x before 8.0.0.12, and 8.5.x before 8.5.5.7, as used in WebSphere A...
How severe is CVE-2015-4947?
CVE-2015-4947 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-4947?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Http Server.