• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Veritas Storage Exec Multiple Remote DCOM Buffer Overflow Vulnerabilities

Veritas Storage Exec is susceptible to multiple remote buffer overflow vulnerabilities. These issues are due to the lack of proper bounds checking of user-supplied data prior to copying it to fixed size memory buffers.

These issues are located in multiple DCOM servers in the affected product. Both stack-based, and heap-based overflows are identified. By calling associated ActiveX controls, attackers may exploit these overflows to execute arbitrary machine code.

These vulnerabilities may be exploited by visiting malicious Web sites, or viewing HTML email containing malicious script code.