SyncBack Profile Import Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is installed with SyncBack Freeware and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary code. Impact Level: Application.

Solution

Upgrade to the SyncBack Freeware version 3.2.21 For updates refer to http://www.2brightsparks.com/downloads.html#freeware

Insight

The flaw exists due to boundary error when importing 'SyncBack' profiles, which leads to stack-based buffer overflow when a user opens a specially crafted '.sps' file.

Affected

SyncBack Freeware version prior to 3.2.21

References

http://osvdb.org/64752
http://secunia.com/advisories/39865
http://xforce.iss.net/xforce/xfdb/58727

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-1688

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Alpine tmail and dmail Buffer Overflow Vulnerabilities (Win)
Adobe Photoshop PNG Image Processing Buffer Overflow Vulnerabilities (Mac OS X)
Adobe Flash Player Multiple Vulnerabilities - Mar09 (Linux)
Cyrus IMAP Server 'split_wildmats()' Remote Buffer Overflow Vulnerability
Adobe Flash Professional JPG Object Processing BOF Vulnerability (Windows)

Take action and discover your vulnerabilities