FUJITSU SystemWizard Lite Multiple Vulnerabilities Network Vulnerability

Summary

This host is installed with FUJITSU SystemWizard Lite and is prone to multiple vulnerabilities.

Impact

Successful exploitation will let the attacker execute arbitrary codes via a large PXE protocol request in a UDP packet and also directory traversal attack sequences in unspecified vectors. Impact Level: Application

Solution

Apply the security patches. http://primeserver.fujitsu.com/primequest/products/os/windows2008.html

Insight

Improper boundary check of input data in DefaultSkin.ini in TFTP service, Registry Setting Tool and PXEService.exe files.

Affected

FUJITSU SystemWizard Lite version 2.0A and prior on Windows.

References

http://secunia.com/advisories/33594
http://securityvulns.com/Vdocument198.html

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-0264, CVE-2009-0270, CVE-2009-0271

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe InDesign 'INDD' File Handling Remote Buffer Overflow Vulnerability
ACDSee FotoSlate PLP Multiple Buffer Overflow Vulnerabilities
CuteFTP Heap Based Buffer Overflow Vulnerability
3CTftpSvc TFTP Server Long Mode Buffer Overflow Vulnerability
Adobe Reader/Acrobat Multiple Vulnerabilities - Nov08 (Win)

Take action and discover your vulnerabilities