Vulnerability-Lookup

CVE-2016-4402 (GCVE-0-2016-4402)

Vulnerability from cvelistv5 – Published: 2018-08-06 20:00 – Updated: 2024-08-06 00:25

Summary

A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow.

Severity

No CVSS data available.

CWE

remote code execution via buffer overflow

Assigner

hpe

References

3 references

URL	Tags
https://support.hpe.com/hpsc/doc/public/display?d…	x_refsource_CONFIRM
http://www.securityfocus.com/bid/94184	vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1037235	vdb-entryx_refsource_SECTRACK

Impacted products

1 product

Vendor	Product	Version
Hewlett Packard Enterprise	HP Keyview	Affected: earlier than v11.2

Date Public

2016-11-04 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:25:14.523Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05325836"
          },
          {
            "name": "94184",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94184"
          },
          {
            "name": "1037235",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037235"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "HP Keyview",
          "vendor": "Hewlett Packard Enterprise",
          "versions": [
            {
              "status": "affected",
              "version": "earlier than v11.2"
            }
          ]
        }
      ],
      "datePublic": "2016-11-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "remote code execution via buffer overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-08-07T09:57:01.000Z",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05325836"
        },
        {
          "name": "94184",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94184"
        },
        {
          "name": "1037235",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037235"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-alert@hpe.com",
          "ID": "CVE-2016-4402",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "HP Keyview",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "earlier than v11.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Hewlett Packard Enterprise"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "remote code execution via buffer overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05325836",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05325836"
            },
            {
              "name": "94184",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94184"
            },
            {
              "name": "1037235",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037235"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2016-4402",
    "datePublished": "2018-08-06T20:00:00.000Z",
    "dateReserved": "2016-04-29T00:00:00.000Z",
    "dateUpdated": "2024-08-06T00:25:14.523Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2016-4402",
      "date": "2026-05-29",
      "epss": "0.11368",
      "percentile": "0.93668"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hp:keyview:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"11.2\", \"matchCriteriaId\": \"C685D689-6D7B-4605-9CB4-66A9302817BD\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow.\"}, {\"lang\": \"es\", \"value\": \"Se ha identificado una vulnerabilidad de seguridad en el componente Filter SDK de HP KeyView en versiones anteriores a la v11.2. La vulnerabilidad podr\\u00eda explotarse remotamente para permitir la ejecuci\\u00f3n de c\\u00f3digo mediante un desbordamiento de b\\u00fafer.\"}]",
      "id": "CVE-2016-4402",
      "lastModified": "2024-11-21T02:52:02.630",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-08-06T20:29:00.553",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/94184\", \"source\": \"security-alert@hpe.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1037235\", \"source\": \"security-alert@hpe.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05325836\", \"source\": \"security-alert@hpe.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/94184\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1037235\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05325836\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security-alert@hpe.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-4402\",\"sourceIdentifier\":\"security-alert@hpe.com\",\"published\":\"2018-08-06T20:29:00.553\",\"lastModified\":\"2024-11-21T02:52:02.630\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad de seguridad en el componente Filter SDK de HP KeyView en versiones anteriores a la v11.2. La vulnerabilidad podr\u00eda explotarse remotamente para permitir la ejecuci\u00f3n de c\u00f3digo mediante un desbordamiento de b\u00fafer.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:keyview:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.2\",\"matchCriteriaId\":\"C685D689-6D7B-4605-9CB4-66A9302817BD\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/94184\",\"source\":\"security-alert@hpe.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037235\",\"source\":\"security-alert@hpe.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05325836\",\"source\":\"security-alert@hpe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94184\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037235\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05325836\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

CNVD-2016-11186

Vulnerability from cnvd - Published: 2016-11-17

Title

HP KeyView缓冲区溢出漏洞

Description

HP KeyView是美国惠普（HP）公司的一套文件过滤和转换软件。该软件支持对多种平台上的文件提取内容、元数据和其他相关属性等。 HP KeyView存在缓冲区溢出漏洞，允许攻击者利用该漏洞在受影响的应用程序上下文中执行任意代码，失败尝试可能导致拒绝服务。

Severity

中

Patch Name

HP KeyView缓冲区溢出漏洞的补丁

Patch Description

HP KeyView是美国惠普（HP）公司的一套文件过滤和转换软件。该软件支持对多种平台上的文件提取内容、元数据和其他相关属性等。 HP KeyView存在缓冲区溢出漏洞，允许攻击者利用该漏洞在受影响的应用程序上下文中执行任意代码，失败尝试可能导致拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05325836

Reference

http://www.securityfocus.com/bid/94184 https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05325836

Impacted products

Name
HP KeyView <=10.25

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "94184"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-4402"
    }
  },
  "description": "HP KeyView\u662f\u7f8e\u56fd\u60e0\u666e\uff08HP\uff09\u516c\u53f8\u7684\u4e00\u5957\u6587\u4ef6\u8fc7\u6ee4\u548c\u8f6c\u6362\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u652f\u6301\u5bf9\u591a\u79cd\u5e73\u53f0\u4e0a\u7684\u6587\u4ef6\u63d0\u53d6\u5185\u5bb9\u3001\u5143\u6570\u636e\u548c\u5176\u4ed6\u76f8\u5173\u5c5e\u6027\u7b49\u3002 \r\n\r\nHP KeyView\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u5e94\u7528\u7a0b\u5e8f\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u5931\u8d25\u5c1d\u8bd5\u53ef\u80fd\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Andrew Brooks of Imanage.com.",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05325836",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-11186",
  "openTime": "2016-11-17",
  "patchDescription": "HP KeyView\u662f\u7f8e\u56fd\u60e0\u666e\uff08HP\uff09\u516c\u53f8\u7684\u4e00\u5957\u6587\u4ef6\u8fc7\u6ee4\u548c\u8f6c\u6362\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u652f\u6301\u5bf9\u591a\u79cd\u5e73\u53f0\u4e0a\u7684\u6587\u4ef6\u63d0\u53d6\u5185\u5bb9\u3001\u5143\u6570\u636e\u548c\u5176\u4ed6\u76f8\u5173\u5c5e\u6027\u7b49\u3002 \r\n\r\nHP KeyView\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u5e94\u7528\u7a0b\u5e8f\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u5931\u8d25\u5c1d\u8bd5\u53ef\u80fd\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "HP KeyView\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "HP KeyView \u003c=10.25"
  },
  "referenceLink": "http://www.securityfocus.com/bid/94184\r\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05325836",
  "serverity": "\u4e2d",
  "submitTime": "2016-11-10",
  "title": "HP KeyView\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

FKIE_CVE-2016-4402

Vulnerability from fkie_nvd - Published: 2018-08-06 20:29 - Updated: 2024-11-21 02:52

Severity

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow.

References

URL	Tags
security-alert@hpe.com	http://www.securityfocus.com/bid/94184	Third Party Advisory, VDB Entry
security-alert@hpe.com	http://www.securitytracker.com/id/1037235	Third Party Advisory, VDB Entry
security-alert@hpe.com	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05325836	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/94184	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037235	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05325836	Vendor Advisory

Impacted products

	Vendor	Product	Version
	hp	keyview	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:hp:keyview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C685D689-6D7B-4605-9CB4-66A9302817BD",
              "versionEndExcluding": "11.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad de seguridad en el componente Filter SDK de HP KeyView en versiones anteriores a la v11.2. La vulnerabilidad podr\u00eda explotarse remotamente para permitir la ejecuci\u00f3n de c\u00f3digo mediante un desbordamiento de b\u00fafer."
    }
  ],
  "id": "CVE-2016-4402",
  "lastModified": "2024-11-21T02:52:02.630",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-08-06T20:29:00.553",
  "references": [
    {
      "source": "security-alert@hpe.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94184"
    },
    {
      "source": "security-alert@hpe.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037235"
    },
    {
      "source": "security-alert@hpe.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05325836"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94184"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037235"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05325836"
    }
  ],
  "sourceIdentifier": "security-alert@hpe.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-744M-7FP3-WPM2

Vulnerability from github – Published: 2022-05-14 02:57 – Updated: 2022-05-14 02:57

Details

A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow.

Severity

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-4402"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-08-06T20:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow.",
  "id": "GHSA-744m-7fp3-wpm2",
  "modified": "2022-05-14T02:57:02Z",
  "published": "2022-05-14T02:57:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4402"
    },
    {
      "type": "WEB",
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05325836"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/94184"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1037235"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2016-4402

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow.

Aliases

CVE-2016-4402

Aliases

CVE-2016-4402

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-4402",
    "description": "A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow.",
    "id": "GSD-2016-4402"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-4402"
      ],
      "details": "A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow.",
      "id": "GSD-2016-4402",
      "modified": "2023-12-13T01:21:18.238044Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-alert@hpe.com",
        "ID": "CVE-2016-4402",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "HP Keyview",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "earlier than v11.2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Hewlett Packard Enterprise"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "remote code execution via buffer overflow"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05325836",
            "refsource": "CONFIRM",
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05325836"
          },
          {
            "name": "94184",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/94184"
          },
          {
            "name": "1037235",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1037235"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:hp:keyview:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-alert@hpe.com",
          "ID": "CVE-2016-4402"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05325836",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-c05325836"
            },
            {
              "name": "1037235",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1037235"
            },
            {
              "name": "94184",
              "refsource": "BID",
              "tags": [
                "VDB Entry",
                "Third Party Advisory"
              ],
              "url": "http://www.securityfocus.com/bid/94184"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2018-10-05T14:02Z",
      "publishedDate": "2018-08-06T20:29Z"
    }
  }
}

WID-SEC-W-2022-2364

Vulnerability from csaf_certbund - Published: 2022-12-18 23:00 - Updated: 2022-12-18 23:00

Summary

HCL Domino und HCL Notes: Mehrere Schwachstellen ermöglichen Codeausführung

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Domino bietet Unternehmens-E-Mail, sowie Kollaborations-Funktionen und eine Anwendungs-Plattform. Notes ist eine Groupware Software, die unter anderem auch als E-Mail Programm genutzt wird.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in HCL Domino und HCL Notes ausnutzen, um beliebigen Programmcode auszuführen.

Betroffene Betriebssysteme: - Sonstiges

CVE-2016-4404

In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausführung von beliebigem Code ausnutzen.

CVE-2016-4403

CVE-2016-4402

CVE-2016-4390

CVE-2016-4389

CVE-2016-4388

CVE-2016-4387

CVE-2015-5424

CVE-2015-5423

CVE-2015-5422

CVE-2015-5421

CVE-2015-5420

CVE-2015-5419

CVE-2015-5418

CVE-2015-5417

CVE-2015-5416

References

4 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://support.hcltechsw.com/csm?id=kb_article&s…	external
https://support.hcltechsw.com/csm?id=kb_article&s…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Domino bietet Unternehmens-E-Mail, sowie Kollaborations-Funktionen und eine Anwendungs-Plattform.\r\nNotes ist eine Groupware Software, die unter anderem auch als E-Mail Programm genutzt wird.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in HCL Domino und HCL Notes ausnutzen, um beliebigen Programmcode auszuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-2364 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2364.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-2364 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2364"
      },
      {
        "category": "external",
        "summary": "HCL Software - Security Bulletin vom 2022-12-18",
        "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0102150"
      },
      {
        "category": "external",
        "summary": "HCL Software - Security Bulletin vom 2022-12-18",
        "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0102147"
      }
    ],
    "source_lang": "en-US",
    "title": "HCL Domino und HCL Notes: Mehrere Schwachstellen erm\u00f6glichen Codeausf\u00fchrung",
    "tracking": {
      "current_release_date": "2022-12-18T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:40:10.645+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2022-2364",
      "initial_release_date": "2022-12-18T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2022-12-18T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HCL Domino \u003c 9.0.1 FP10 IF9",
            "product": {
              "name": "HCL Domino \u003c 9.0.1 FP10 IF9",
              "product_id": "T025633",
              "product_identification_helper": {
                "cpe": "cpe:/a:hcltech:domino:9.0.1_fp10_if9"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "HCL Notes \u003c 9.0.1 FP10 IF11",
                "product": {
                  "name": "HCL Notes \u003c 9.0.1 FP10 IF11",
                  "product_id": "T025634",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltech:notes:9.0.1_fp10_if11"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "HCL Notes \u003c 10.0.1 FP8",
                "product": {
                  "name": "HCL Notes \u003c 10.0.1 FP8",
                  "product_id": "T025635",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:hcltech:notes:10.0.1_fp8"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Notes"
          }
        ],
        "category": "vendor",
        "name": "HCL"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2016-4404",
      "notes": [
        {
          "category": "description",
          "text": "In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2022-12-18T23:00:00.000+00:00",
      "title": "CVE-2016-4404"
    },
    {
      "cve": "CVE-2016-4403",
      "notes": [
        {
          "category": "description",
          "text": "In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2022-12-18T23:00:00.000+00:00",
      "title": "CVE-2016-4403"
    },
    {
      "cve": "CVE-2016-4402",
      "notes": [
        {
          "category": "description",
          "text": "In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2022-12-18T23:00:00.000+00:00",
      "title": "CVE-2016-4402"
    },
    {
      "cve": "CVE-2016-4390",
      "notes": [
        {
          "category": "description",
          "text": "In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2022-12-18T23:00:00.000+00:00",
      "title": "CVE-2016-4390"
    },
    {
      "cve": "CVE-2016-4389",
      "notes": [
        {
          "category": "description",
          "text": "In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2022-12-18T23:00:00.000+00:00",
      "title": "CVE-2016-4389"
    },
    {
      "cve": "CVE-2016-4388",
      "notes": [
        {
          "category": "description",
          "text": "In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2022-12-18T23:00:00.000+00:00",
      "title": "CVE-2016-4388"
    },
    {
      "cve": "CVE-2016-4387",
      "notes": [
        {
          "category": "description",
          "text": "In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2022-12-18T23:00:00.000+00:00",
      "title": "CVE-2016-4387"
    },
    {
      "cve": "CVE-2015-5424",
      "notes": [
        {
          "category": "description",
          "text": "In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2022-12-18T23:00:00.000+00:00",
      "title": "CVE-2015-5424"
    },
    {
      "cve": "CVE-2015-5423",
      "notes": [
        {
          "category": "description",
          "text": "In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2022-12-18T23:00:00.000+00:00",
      "title": "CVE-2015-5423"
    },
    {
      "cve": "CVE-2015-5422",
      "notes": [
        {
          "category": "description",
          "text": "In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2022-12-18T23:00:00.000+00:00",
      "title": "CVE-2015-5422"
    },
    {
      "cve": "CVE-2015-5421",
      "notes": [
        {
          "category": "description",
          "text": "In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2022-12-18T23:00:00.000+00:00",
      "title": "CVE-2015-5421"
    },
    {
      "cve": "CVE-2015-5420",
      "notes": [
        {
          "category": "description",
          "text": "In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2022-12-18T23:00:00.000+00:00",
      "title": "CVE-2015-5420"
    },
    {
      "cve": "CVE-2015-5419",
      "notes": [
        {
          "category": "description",
          "text": "In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2022-12-18T23:00:00.000+00:00",
      "title": "CVE-2015-5419"
    },
    {
      "cve": "CVE-2015-5418",
      "notes": [
        {
          "category": "description",
          "text": "In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2022-12-18T23:00:00.000+00:00",
      "title": "CVE-2015-5418"
    },
    {
      "cve": "CVE-2015-5417",
      "notes": [
        {
          "category": "description",
          "text": "In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2022-12-18T23:00:00.000+00:00",
      "title": "CVE-2015-5417"
    },
    {
      "cve": "CVE-2015-5416",
      "notes": [
        {
          "category": "description",
          "text": "In HCL Domino und HCL Notes existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten Filter SDK und HP KeyView. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2022-12-18T23:00:00.000+00:00",
      "title": "CVE-2015-5416"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-4402 (GCVE-0-2016-4402)

CNVD-2016-11186

FKIE_CVE-2016-4402

GHSA-744M-7FP3-WPM2

GSD-2016-4402

WID-SEC-W-2022-2364

Tags

Sightings

Nomenclature