CVE-2024-23622 – IBM Merge Healthcare eFilm Workstation License Server CopySLS_Request3 Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-23622
A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution with SYSTEM privileges. Existe un desbordamiento de búfer en la región stack de la memoria en el servidor de licencias de IBM Merge Healthcare eFilm Workstation. Un atacante remoto no autenticado puede aprovechar esta vulnerabilidad para lograr la ejecución remota de código con privilegios de SYSTEM. • https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-license-server-copysls_request3-buffer-overflow • CWE-131: Incorrect Calculation of Buffer Size CWE-787: Out-of-bounds Write •
CVE-2024-23621 – IBM Merge Healthcare eFilm Workstation License Server Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-23621
A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution. Existe un desbordamiento de búfer en el servidor de licencias de IBM Merge Healthcare eFilm Workstation. Un atacante remoto no autenticado puede aprovechar esta vulnerabilidad para lograr la ejecución remota de código. • https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-license-server-buffer-overflow • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-131: Incorrect Calculation of Buffer Size •
CVE-2024-23620 – IBM Merge Healthcare eFilm Workstation SYSTEM Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-23620
An improper privilege management vulnerability exists in IBM Merge Healthcare eFilm Workstation. A local, authenticated attacker can exploit this vulnerability to escalate privileges to SYSTEM. Existe una vulnerabilidad de gestión de privilegios inadecuada en IBM Merge Healthcare eFilm Workstation. Un atacante local autenticado puede aprovechar esta vulnerabilidad para escalar privilegios al SISTEMA. • https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-system-privilege-escalation • CWE-269: Improper Privilege Management •
CVE-2024-23619 – IBM Merge Healthcare eFilm Workstation Hardcoded Credentials
https://notcve.org/view.php?id=CVE-2024-23619
A hardcoded credential vulnerability exists in IBM Merge Healthcare eFilm Workstation. A remote, unauthenticated attacker can exploit this vulnerability to achieve information disclosure or remote code execution. Existe una vulnerabilidad de credencial codificada en IBM Merge Healthcare eFilm Workstation. Un atacante remoto y no autenticado puede aprovechar esta vulnerabilidad para lograr la divulgación de información o la ejecución remota de código. • https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-information-disclosure • CWE-798: Use of Hard-coded Credentials •