CVE-2015-0795 – NetIQ Security Solutions for ISeries NetIQExecObject.NetIQExec.1 SafeShellExecute Stack Buffer Overflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2015-0795

Multiple stack-based buffer overflows in the SafeShellExecute method in the NetIQExecObject.NetIQExec.1 ActiveX control in NetIQExec.dll in NetIQ Security Solutions for iSeries 8.1 allow remote attackers to execute arbitrary code via long arguments, aka ZDI-CAN-2699. Múltiple desbordamiento de pila del buffer en el método SafeShellExecute en NestlQ Security Solutions para iSeries 8.1 permite a atacantes remotos ejecutar código arbitrario a través de largos argumentos, también conocidos como ZDI-CAN-2699. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetIQ Security Solutions for ISeries. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the NetIQExecObject.NetIQExec.1 ActiveX Control. By providing overly long arguments to the SafeShellExecute function, an attacker can overflow fixed size stack buffers and execute arbitrary code in the context of the browser. • http://www.zerodayinitiative.com/advisories/ZDI-15-340 https://www.netiq.com/support/kb/doc.php?id=7016656 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •