CVE-2015-2281

CVE Database · CVE-2015-2281

CVE-2015-2281

· N/AModified

CVSS v3.1

N/A

EPSS

10.53%

Published

Mar 19, 2015

Modified

May 6, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBFortinet Single Sign On - Stack Overflow TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Stack-based buffer overflow in collectoragent.exe in Fortinet Single Sign On (FSSO) before build 164 allows remote attackers to execute arbitrary code via a large PROCESS_HELLO message to the Message Dispatcher on TCP port 8000.

Weaknesses (CWE)

CWE-119

Affected Products (1)

fortinet · single_sign_onvulnerable

References (16)

http://seclists.org/fulldisclosure/2015/Mar/111

Exploit

http://www.coresecurity.com/advisories/fortinet-single-sign-on-stack-overflow

Exploit

http://www.fortiguard.com/advisory/2015-02-27-fsso-stack-based-buffer-overflow

http://www.fortiguard.com/advisory/FG-IR-15-006/

Vendor Advisory

http://www.osvdb.org/119719

http://www.securityfocus.com/archive/1/534918/100/0/threaded

http://www.securityfocus.com/bid/73206

https://www.exploit-db.com/exploits/36422/

http://seclists.org/fulldisclosure/2015/Mar/111

Exploit

KEV Catalog EPSS Scores Vendors All CVEs