Published: 15/03/2017 Updated: 21/03/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Stack-based buffer overflows in php_Easycom5_3_0.dll in EasyCom for PHP 4.0.0.29 allows remote malicious users to execute arbitrary code via the server argument to the (1) i5_connect, (2) i5_pconnect, or (3) i5_private_connect API function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
easycom-aura easycom for php 4.0.0.29

[+] Credits: John Page AKA Hyp3rlinX [+] Website: hyp3rlinxaltervistaorg [+] Source: hyp3rlinxaltervistaorg/advisories/EASYCOM-PHP-API-BUFFER-OVERFLOWtxt [+] ISR: ApparitionSec Vendor: ================ easycom-auracom Product: =========================== EASYCOM AS400 (iBMI) PHP API EasycomPHP_40029iC8im2exe EAS ...

The EasyCom AS400 (iBMI) PHP API suffers from a buffer overflow vulnerability ...

CWE-119 https://www.exploit-db.com/exploits/41425/http://www.securityfocus.com/bid/96419 http://seclists.org/fulldisclosure/2017/Feb/60 http://packetstormsecurity.com/files/141299/EasyCom-AS400-PHP-API-Buffer-Overflow.html http://hyp3rlinx.altervista.org/advisories/EASYCOM-PHP-API-BUFFER-OVERFLOW.txt https://nvd.nist.gov https://www.exploit-db.com/exploits/41425/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-5358

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect