Executive Summary

Informations
Name CVE-2014-3791 First vendor Publication 2014-05-20
Vendor Cve Last vendor Modification 2014-05-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 allows remote attackers to execute arbitrary code via a long string in a cookie UserID parameter to vfolder.ghp.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3791

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1

SAINT Exploits

Description Link
Easy File Sharing Web Server SESSIONID Cookie Handling Buffer Overflow More info here

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/67406
EXPLOIT-DB http://www.exploit-db.com/exploits/33352
MISC http://blog.techorganic.com/2014/05/14/from-fuzzing-to-0-day
http://packetstormsecurity.com/files/126614/Easy-File-Sharing-Web-Server-6.8-...
OSVDB http://osvdb.org/show/osvdb/106965

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
Date Informations
2021-05-04 12:32:29
  • Multiple Updates
2021-04-22 01:39:36
  • Multiple Updates
2020-05-23 13:17:05
  • Multiple Updates
2020-05-23 00:41:13
  • Multiple Updates
2016-06-29 00:35:46
  • Multiple Updates
2014-05-30 21:22:39
  • Multiple Updates
2014-05-22 05:22:24
  • Multiple Updates
2014-05-20 21:23:06
  • First insertion