Summary
The host is running Presto! PageManager and is prone to multiple vulnerabilities.
Impact
Successful exploitation may allow remote attackers to download arbitrary files, execute arbitrary code in the context of the application or cause denial-of-service conditions.
Impact Level: Application/System
Solution
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore.
General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
Insight
- A boundary error in the Network Group Service when processing certain network requests can be exploited to cause a heap-based buffer overflow.
- An input validation error in the Network Group Service when processing certain network requests can be exploited to download arbitrary files via a specially crafted packet sent to TCP port 2502.
- An error in the Network Group Service when processing certain network requests can be exploited to cause an unhandled exception and terminate the service.
Affected
Presto! PageManager version 9.01 and prior
References
Severity
Classification
-
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe AIR Multiple Vulnerabilities -01 Feb13 (Linux)
- Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Mac OS X)
- Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Windows)
- Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Windows
- Adobe AIR Multiple Vulnerabilities-01 Sep13 (Mac OS X)