Summary
BigAnt IM Server is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the server. Failed exploit attempts will result in a denial-of-service condition.
BigAnt IM Server 2.50 is vulnerable; other versions may also be affected.
NOTE: This issue may be related to the vulnerability described in BID 28795 (BigAnt IM Server HTTP GET Request Remote Buffer Overflow Vulnerability). We will update or retire this BID if further analysis or reports reveal that the two records represent the same vulnerability.
Solution
Updates are available. Please contact the vendor for details.
References
Updated on 2015-03-25
Severity
Classification
- CVE: CVE-2009-4660
- CVSS Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Related Vulnerabilities
- Adobe Flash Player Buffer Overflow Vulnerability (Mac OS X)
- BarCodeWiz 'BarcodeWiz.dll' ActiveX Control BOF Vulnerability
- Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Windows)
- CA ARCserve Backup Multiple Buffer Overflow Vulnerabilities
- Adobe Reader 'mailListIsPdf' Buffer Overflow Vulnerability (Linux)