CVE-2014-3913

Eromic AccessNow Server - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in AccessServer32.exe in Ericom AccessNow Server allows remote attackers to execute arbitrary code via a request for a non-existent file.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/33817

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by Unknown, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/ericom_access_now_bof.rb

View Code ZIP pw:eip

References (5)

[Exploit] http://packetstormsecurity.com/files/127152/Ericom-AccessNow-Server-Buffer-Overflow.html

[Various Sources] http://www.ericom.com/security-ERM-2014-610.asp

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/67777

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/33817

[Third Party Advisory] http://www.zerodayinitiative.com/advisories/ZDI-14-160

Scores

EPSS 0.7874

EPSS Percentile 99.1%

Details

CWE

CWE-119

Status published

Products (1)

ericom/accessnow_server

Published Jun 04, 2014

Tracked Since Feb 18, 2026