BigAnt IM Server HTTP GET Request Buffer Overflow Vulnerability Network Vulnerability

Summary

BigAnt IM Server is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user- supplied input. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the server. Failed exploit attempts will result in a denial-of-service condition. BigAnt IM Server 2.50 is vulnerable other versions may also be affected. NOTE: This issue may be related to the vulnerability described in BID 28795 (BigAnt IM Server HTTP GET Request Remote Buffer Overflow Vulnerability). We will update or retire this BID if further analysis or reports reveal that the two records represent the same vulnerability.

Solution

Updates are available. Please contact the vendor for details.

References

http://www.bigantsoft.com
http://www.securityfocus.com/bid/36407

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4660
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
Adobe Reader 'File Extension' Buffer Overflow Vulnerability (Mac OS X)
CA ARCserve Backup Multiple Bufffer Overflow Vulnerabilities
Adobe Reader/Acrobat Multimedia Doc.media.newPlayer Code Execution Vulnerability (Win)
Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Linux)

Take action and discover your vulnerabilities