PT-2015-7420 · Borland+1 · Borland Accurev+1
Rgod · Published 2015-09-02 · Updated 2019-06-26 · CVE-2015-6946
CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Borland AccuRev (affected versions not specified)
Description
The issue concerns multiple stack-based buffer overflows in the Reprise License Manager service. These overflows can be triggered by remote attackers through specific parameters, including the actserver and akey parameters to the activate doit function, as well as the licfile parameter to the service startup doit functionality. This allows attackers to execute arbitrary code.
Recommendations
For the activate doit function, consider disabling the use of the actserver and akey parameters until a patch is available.
Restrict access to the service startup doit functionality to minimize the risk of exploitation through the licfile parameter.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Buffer Overflow
Weakness Enumeration
Related identifiers
Affected products
Borland Accurev
Reprise License Manager