|
Description
|
This indicates an heap overflow vulnerability in Borland VisiBroker.
The vulnerability is caused by an input validation error in Smart Agent (osagent.exe) while processing malformed "DSRequest" packet. It allows remote attackers to execute arbitrary code via a crafted request.
|
|
|
|
Impact
|
|
System Compromise: Remote attackers can gain control of vulnerable systems.
|
|
|
|
Affected Products
|
|
Borland VisiBroker version 08.00.00.C1.03 and prior
|
|
Aliases
|
Borland.VisiBroker.Osagent.Exe.Code.Execution
|
|
References
|
http://www.frsirt.com/english/advisories/2008/0748
http://aluigi.altervista.org/adv/visibroken-adv.txt
|
|
Recommended Actions
|
|
Currently we are not aware of any vendor supplied patch for this issue.
|
