Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long request. NOTE: this might be a reservation duplicate of CVE-2007-1173.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Discovery | Centennial | 2006_featurepack1 (including) | 2006_featurepack1 (including) |
| Asset_manager | Numara | 8.0 (including) | 8.0 (including) |
| Discovery | Symantec | 6.5 (including) | 6.5 (including) |
References
- http://dvlabs.tippingpoint.com/advisory/TPTI-07-10
- http://osvdb.org/42059
- http://securityreason.com/securityalert/2785
- http://www.securityfocus.com/archive/1/470563/100/0/threaded
- http://www.securityfocus.com/bid/24317
- http://www.securitytracker.com/id?1018191
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34723
- http://dvlabs.tippingpoint.com/advisory/TPTI-07-10
- http://osvdb.org/42059
- http://securityreason.com/securityalert/2785
- http://www.securityfocus.com/archive/1/470563/100/0/threaded
- http://www.securityfocus.com/bid/24317
- http://www.securitytracker.com/id?1018191
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34723