CounterPath eyeBeam SIP Header Data Remote Buffer Overflow Vulnerability

CounterPath eyeBeam SIP Header Data Remote Buffer Overflow Vulnerability

A remote buffer-overflow vulnerability affects CounterPath eyeBeam because the application fails to properly validate the length of user-supplied strings prior to copying them into static process buffers.

An attacker may exploit this issue to crash the affected application. Presumably, remote arbitrary code execution may also be possible. This may facilitate unauthorized access or privilege escalation.

Information regarding specific versions affected is currently unavailable. This BID will be updated as further information is disclosed. Note that the eyeBeam package has been re-branded and redistributed by other vendors.