Integer Overflow Vulnerability in Dell NetVault Backup
CVE-2015-4067

Currently unrated

Key Information:

Vendor: Dell
Status: Netvault Backup
Vendor: CVE Published:; 29 May 2015

What is CVE-2015-4067?

An integer overflow in the libnv6 module of Dell NetVault Backup prior to version 10.0.5 allows remote attackers to exploit crafted template string specifiers in a serialized object. This vulnerability can lead to execution of arbitrary code through a heap-based buffer overflow, compromising the system's integrity and security.

References

http://www.zerodayinitiative.com/advisories/ZDI-15-240/

x_refsource_MISC

http://www.securityfocus.com/bid/74841

vdb-entryx_refsource_BID

EPSS Score

8% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 29, 2015
Vulnerability Reserved
May 22, 2015