CVE-2016-4853

HIGH

Happy Wardrobe - OS Command Injection via Crafted Saved Data

Title source: llm
STIX 2.1

Description

AKABEi SOFT2 games allow remote attackers to execute arbitrary OS commands via crafted saved data, as demonstrated by Happy Wardrobe.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN85213412/index.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/92700
Third Party Advisory, VDB Entry third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000154
Third Party Advisory, VDB Entry x_refsource_confirm
http://jvn.jp/en/jp/JVN85213412/995740/index.html

Scores

CVSS v3 7.8
EPSS 0.0153
EPSS Percentile 71.7%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-78
Status published
Products (1)
akabei_soft2/happy_wardrobe
Published Sep 02, 2016
Tracked Since Feb 18, 2026