Summary
BigAnt IM Server is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the server. Failed exploit attempts will result in a denial-of-service condition.
BigAnt IM Server 2.50 is vulnerable; other versions may also be affected.
NOTE: This issue may be related to the vulnerability described in BID 28795 (BigAnt IM Server HTTP GET Request Remote Buffer Overflow Vulnerability). We will update or retire this BID if further analysis or reports reveal that the two records represent the same vulnerability.
Solution
Updates are available. Please contact the vendor for details.
References
Updated on 2015-03-25
Severity
Classification
- CVE: CVE-2009-4660
- CVSS Base Score: 10.0
- CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
- Adobe Reader 'File Extension' Buffer Overflow Vulnerability (Mac OS X)
- CA ARCserve Backup Multiple Buffer Overflow Vulnerabilities
- Adobe Reader/Acrobat Multimedia Doc.media.newPlayer Code Execution Vulnerability (Win)
- Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Linux)