Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7126

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-7126
Last Modified 31 Aug 2009 12:00:00
Published 31 Aug 2009 06:30:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-7126

Summary

Integer overflow in osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet with a large string length value to UDP port 14000, which triggers a heap-based buffer overflow.

Vulnerable Systems

Application

  • Microfocus Visibroker 08.00.00.c1.03


References

XF - visibroker-osagent-bo(40978)

VUPEN - ADV-2008-0748

BID - 28084

SECUNIA - 29213

OSVDB - 43057

FULLDISC - 20080303 Heap overflow in Borland VisiBroker Smart Agent 08.00.00.C1.03

MISC - http://aluigi.altervista.org/adv/visibroken-adv.txt


Last Updated: 27 May 2016 10:49:28