CVE-2016-3147

9.8CRITICAL

Key Information:

Vendor: Ivanti
Status: Landesk Management Suite
Vendor: CVE Published:; 23 January 2017

Summary

Buffer overflow in the collector.exe listener of the Landesk Management Suite 10.0.0.271 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large packet.

References

http://www.securityfocus.com/bid/93565

vdb-entryx_refsource_BID

https://www.securifera.com/advisories/cve-2016-3147/

x_refsource_MISC

EPSS Score

2% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 23, 2017
Vulnerability Reserved
Mar 14, 2016

Collectors

NVD DatabaseMitre Database