Computer Security

SonicWALL SSL-VPN ActiveX buffer overflow
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



SonicWALL SSL-VPN ActiveX buffer overflow
Published:02.11.2010
Source:BUGTRAQ
SecurityVulns ID:11227
Type:client
Level:5/10
Description:Buffer overflow in SonicWALL SSL-VPN End-Point ActiveX Install3rdPartyComponent() method.
CVE:CVE-2010-2583 (Stack-based buffer overflow in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX control (Aventail.EPInstaller) before 10.5.2 and 10.0.5 hotfix 3 allows remote attackers to execute arbitrary code via long (1) CabURL and (2) Location arguments to the Install3rdPartyComponent method.)
Original documentdocumentSECUNIA, Secunia Research: SonicWALL SSL-VPN End-Point ActiveX Control Buffer Overflow (02.11.2010)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru