Arbitrary Code Execution via Crafted Flash File in IBM Emptoris Contract Management
CVE-2015-5042 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:N
IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote attackers to execute arbitrary code by including a crafted Flash file.
Learn more about our Web Application Penetration Testing UK.