Stack-based Buffer Overflow in IBM HTTP Server and WebSphere Application Server
CVE-2015-4947

Currently unrated

Key Information:

Vendor: IBM
Status: Http Server
Vendor: CVE Published:; 15 September 2015

What is CVE-2015-4947?

A stack-based buffer overflow vulnerability exists in the Administration Server of IBM HTTP Server, impacting numerous product versions including 6.1.0.x up to 6.1.0.47, 7.0.0.x prior to 7.0.0.39, 8.0.0.x before 8.0.0.12, and 8.5.x before 8.5.5.7. This flaw allows authenticated remote users to exploit unspecified methods to execute arbitrary code, potentially compromising the security integrity of systems using the affected versions.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21965419

x_refsource_CONFIRM

http://www.securityfocus.com/bid/76658

vdb-entryx_refsource_BID

http://www-01.ibm.com/support/docview.wss?uid=swg1PI45596

vendor-advisoryx_refsource_AIXAPAR

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 15, 2015
Vulnerability Reserved
Jun 24, 2015