Computer Security
[EN] securityvulns.ru no-pyccku


SonicWALL SSL-VPN ActiveX buffer overflow
Published:02.11.2010
Source:
SecurityVulns ID:11227
Type:client
Threat Level:
5/10
Description:Buffer overflow in SonicWALL SSL-VPN End-Point ActiveX Install3rdPartyComponent() method.
CVE:CVE-2010-2583 (Stack-based buffer overflow in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX control (Aventail.EPInstaller) before 10.5.2 and 10.0.5 hotfix 3 allows remote attackers to execute arbitrary code via long (1) CabURL and (2) Location arguments to the Install3rdPartyComponent method.)
Original documentdocumentSECUNIA, Secunia Research: SonicWALL SSL-VPN End-Point ActiveX Control Buffer Overflow (02.11.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod