SWSoft ASPSeek s.cgi Buffer Overflow Vulnerability

A buffer overflow in ASPSeek versions 1.0.0 through to 1.0.3 allows for arbitrary code execution with the privileges of the web server. The vulnerable script is s.cgi and the buffer overflow can be accessed by submitting an excessively long query string to the script (the variable tmpl, specifically).


 

Privacy Statement
Copyright 2010, SecurityFocus