CVE-2015-6946

Micro Focus AccuRev - Remote Code Execution via Reprise License Manager Service Parameter Overflow

Title source: llm
STIX 2.1

Description

Multiple stack-based buffer overflows in the Reprise License Manager service in Borland AccuRev allow remote attackers to execute arbitrary code via the (1) akey or (2) actserver parameter to the activate_doit function or (3) licfile parameter to the service_startup_doit functionality.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-414/
Third Party Advisory, VDB Entry x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-416
Exploit, Third Party Advisory x_refsource_misc
https://redr2e.com/cve-to-poc-cve-2015-6946/
Third Party Advisory, VDB Entry x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-15-412

Scores

EPSS 0.3708
EPSS Percentile 97.2%

Details

CWE
CWE-119
Status published
Products (1)
microfocus/accurev
Published Sep 15, 2015
Tracked Since Feb 18, 2026