Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1339

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-1339
Last Modified 05 Sep 2008 12:00:00
Published 31 Dec 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1339

Summary

Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a denial of service (crash) or execute arbitrary code, as demonstrated via (1) a long GET request and (2) a long operation or autologin parameter to SwEzModule.dll.

Vulnerable Systems

Application

  • Ezmeeting 3.3

  • Ezmeeting 3.4

  • Ezmeeting 3.5


References

MILW0RM - 133

MISC - http://www.governmentsecurity.org/archive/t5390.html

SECTRACK - 1008412

BUGTRAQ - 20031211 eZ and eZphotoshare fixes

BUGTRAQ - 20031207 eZ Multiple Packages Stack Overflow Vulnerability


Last Updated: 27 May 2016 10:38:19