Computer Security
[EN] securityvulns.ru no-pyccku


LiveData Protocol Server buffer overflow
Published:04.05.2007
Source:
SecurityVulns ID:7666
Type:remote
Threat Level:
5/10
Description:Heap buffer overflow on oversized WSDL file HTTP request (TCP/8080).
Affected:LIVEDATA : RTI 5.00
 LIVEDATA : Protocol Server 5.00
 LIVEDATA : Maintenance Server 5.00
CVE:CVE-2007-2490 (Unspecified vulnerability in LiveData Server before 5.00.62 allows remote attackers to cause a denial of service (exit) via crafted Connection-Oriented Transport Protocol (COTP) packets.)
 CVE-2007-2489 (Heap-based buffer overflow in LiveData Protocol Server 5.00.045, and other versions before update 500062 (5.00.062), allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted request for a WSDL file that causes a negative length to be used in a strncpy call.)
Original documentdocumentIDEFENSE, iDefense Security Advisory 05.02.07: LiveData Protocol Server Heap Overflow Vulnerability (04.05.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod