VYPR
← All advisories
High severity7.8NVD Advisory· Published Aug 28, 2017· Updated May 13, 2026

CVE-2015-0114

CVE-2015-0114

Description

Stack-based buffer overflow in IBM V5R4, and IBM i Access for Windows 6.1 and 7.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Stack-based buffer overflow in IBM i Access for Windows Personal Communications Support allows local attackers to execute arbitrary code.

Vulnerability

A stack-based buffer overflow exists in the IBM i Access for Windows Personal Communications Support component, affecting IBM i Access for Windows releases V5R4, 6.1, and 7.1 [1]. The vulnerability is caused by improper bounds checking, leading to a buffer overflow when processing input [1].

Exploitation

An attacker must have local access to the system to trigger the vulnerability. By providing specially crafted input to the affected component, the attacker can overflow a buffer and cause arbitrary code execution or application crash [1].

Impact

Successful exploitation allows a local attacker to execute arbitrary code on the system with the privileges of the current user, potentially leading to full system compromise. Alternatively, it can cause the application to crash, resulting in denial of service [1].

Mitigation

IBM has released a fix for the vulnerability in the 7.1 service release of IBM i Access for Windows (product 5770-XE1). An interim fix is available via FTP [1]. Users running unsupported versions should upgrade to a supported and fixed version [1].

References
  1. Security Bulletin: Buffer Overflow vulnerability affects IBM i Access for Windows Personal Communications support (CVE-2015-0114)

AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

3
  • IBM/I Access For Windows3 versions
    cpe:2.3:a:ibm:i_access_for_windows:5.4:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ibm:i_access_for_windows:5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:i_access_for_windows:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:i_access_for_windows:7.1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.