Intrusion Prevention

Netegrity.SiteMinder.Affiliate.Agent.Heap.Overflow

Description

It indicates a possible exploit of a heap overflow vulnerability in iteMinder Affiliate Agent that may allow remote attackers to execute arbitrary code via a large SMPOFILE cookie.

Affected Products

Netegrity SideMinder Affiliate Agent 4.0

Impact

Execute arbitrary code in the context of affected application.

Recommended Actions

Netegrity has released a fixed version:Web Agent 4QMR6 HF-016
https://support.netegrity.com

CVE References

CVE-2004-0425