CVE-2015-6285
Cisco Email Security Appliance 7.6.0 and 8.0.0 - Denial of Service via Format String Specifiers
Title source: llmDescription
Format string vulnerability in Cisco Email Security Appliance (ESA) 7.6.0 and 8.0.0 allows remote attackers to cause a denial of service (memory overwrite or service outage) via format string specifiers in an HTTP request, aka Bug ID CSCug21497.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=40844
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033531
Scores
EPSS
0.0142
EPSS Percentile
69.2%
Details
CWE
CWE-134
Status
published
Products (2)
cisco/email_security_appliance
7.6.0
cisco/email_security_appliance
8.0.0
Published
Sep 14, 2015
Tracked Since
Feb 18, 2026