NVD

Id
26777  
Name
CVE-2015-5689  
Description
ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions Suite (GSS) before 3.0 HF2 12.0.0.8010 and Symantec Deployment Solution (DS) before 7.6 HF4 12.0.0.7045 performs improper sign-extend operations before array-element accesses, which allows remote attackers to execute arbitrary code, cause a denial of service (application crash), or possibly obtain sensitive information via a crafted Ghost image.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2015-09-20  
Modified Date
2016-12-21  
Seq
2015-5689  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
141680 26777 CVE-2015-5689 76498  View
141681 26777 CVE-2015-5689 1033577  View
141682 26777 CVE-2015-5689 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150902_00  View
141683 26777 CVE-2015-5689 http://zerodayinitiative.com/advisories/ZDI-15-419/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
9576 JVNDB-2015-004896 Symantec Ghost Solutions Suite および Symantec Deployment Solution の Ghost Explorer ユーティリティの ghostexp.exe における任意のコードを実行される脆弱性 Symantec Ghost Solutions Suite (GSS) および Symantec Deployment Solution (DS) の Ghost Explorer ユーティリティの ghostexp.exe は、配列要素のアクセス前に不適切な符号拡張オペレーションを行うため、任意のコードを実行される、サービス運用妨害 (アプリケーションクラッシュ) 状態にされる、または重要な情報を取得される脆弱性が存在します。 CVE-2015-5689 82914 CVE-2015-5689 26777 6.8 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-004896.html 2015-09-02 2015-09-29 View