CVE-2014-6119

high

Description

IBM Security AppScan Enterprise 8.5 before 8.5 iFix 002, 8.6 before 8.6 iFix 004, 8.7 before 8.7 iFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote attackers to execute arbitrary code via a crafted executable file in an archive.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/96720

http://www.securitytracker.com/id/1031427

http://www-01.ibm.com/support/docview.wss?uid=swg21693183

http://www-01.ibm.com/support/docview.wss?uid=swg21693035

http://secunia.com/advisories/62012

Details

Source: Mitre, NVD

Published: 2014-12-23

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.09944