Vulnerability Details CVE-2017-5830
Revive Adserver before 4.0.1 allows remote attackers to execute arbitrary code via serialized data in the cookies related to the delivery scripts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.037
EPSS Ranking 87.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://www.openwall.com/lists/oss-security/2017/02/02/3
- http://www.securityfocus.com/bid/95875
- https://www.revive-adserver.com/security/revive-sa-2017-001/
- http://www.openwall.com/lists/oss-security/2017/02/02/3
- http://www.securityfocus.com/bid/95875
- https://www.revive-adserver.com/security/revive-sa-2017-001/
Products affected by CVE-2017-5830
-
cpe:2.3:a:revive-adserver:revive_adserver:-
-
cpe:2.3:a:revive-adserver:revive_adserver:3.0.0
-
cpe:2.3:a:revive-adserver:revive_adserver:3.0.1
-
cpe:2.3:a:revive-adserver:revive_adserver:3.0.2
-
cpe:2.3:a:revive-adserver:revive_adserver:3.0.3
-
cpe:2.3:a:revive-adserver:revive_adserver:3.0.4
-
cpe:2.3:a:revive-adserver:revive_adserver:3.0.5
-
cpe:2.3:a:revive-adserver:revive_adserver:3.1.0
-
cpe:2.3:a:revive-adserver:revive_adserver:3.2.0
-
cpe:2.3:a:revive-adserver:revive_adserver:3.2.1
-
cpe:2.3:a:revive-adserver:revive_adserver:3.2.2
-
cpe:2.3:a:revive-adserver:revive_adserver:3.2.3
-
cpe:2.3:a:revive-adserver:revive_adserver:3.2.4
-
cpe:2.3:a:revive-adserver:revive_adserver:4.0.0